Chrome Issues Eleven Security Fixes, Including Two for Zero Day Flaws Exploited in the Wild
Vermilion Strike group has a stealth Linux version of Cobalt Strike Beacon backdoor, Over 61 mil. health and fitness tracker records leaked, Kape Technologies buys Express VPN for $936 mil., more
Don’t miss our special report on Apple’s emergency fix for a zero-click, zero day flaw affecting all Apple products.
Google released Chrome 93.0.4577.82 for Windows, Mac, and Linux to fix eleven security vulnerabilities, two of them zero-days exploited in the wild.
The two zero-day vulnerabilities, both memory bugs, were disclosed to Google on September 8th, 2021. Although the zero days often crash browsers, malicious actors can also exploit them to perform remote code execution, sandbox escapes, and other bad behavior. (Lawrence Abrams / Bleeping Computer)
Related: ZDNet, SecureNews, Security Affairs, gHacks, Forbes, The Hacker News
Researchers at Intezer Labs say that the Vermilion group developed Vermilion Strike, a one-of-a-kind Linux version of the Cobalt Strike Beacon backdoor.
The researchers also say the threat actor group re-wrote the original Windows version of the Beacon backdoor to evade detection. Cobalt Strike Beacon is used to deploy other additional Cobalt Strike components…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.