Kaspersky uncovers zero-day in Chrome

October 2019 News, Cyber Security

Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser. Kaspersky has allocated the vulnerability as CVE-2019-13720 and reported it to Google. A patch (link online to chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html) has been released. Upon review of the PoC provided, Google confirmed that it is a zero-day vulnerability.

Zero-day vulnerabilities are previously unknown software bugs that can be exploited by attackers to inflict serious and unexpected damage. The new exploit is used in attacks that leverage a waterhole-style injection in a Korean-language news portal. Malicious JavaScript code is inserted in the main page, which in turn, loads a profiling script from a remote site to further check if the victim's system could be infected by examining versions of the browser’s user credentials. The vulnerability tries to exploit the bug through the Google Chrome browser and the script checks if version 65 or later is being used. The exploit gives an attacker a Use-After-Free (UaF) condition, which is very dangerous because it can lead to code execution scenarios.

The detected exploit was used in what Kaspersky experts call “Operation WizardOpium”. Certain similarities in the code point to a possible link between this campaign and Lazarus attacks. Additionally, the profile of the targeted website is similar to what has been found in previous DarkHotel attacks, which have recently deployed comparable false flag attacks.

The exploited vulnerability was detected by Kaspersky’s Exploit Prevention technology, embedded in most of the company’s products.

“The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors,” said Anton Ivanov, a security expert at Kaspersky.

Kaspersky recommends taking the following security measures:

Install the Google patch for the new vulnerability as soon as possible.

Make sure you update all software used in your organisation on a regular basis, and whenever a new security patch is released. Security products with Vulnerability Assessment and Patch Management capabilities may help to automate these processes.

Choose a proven security solution, such as Kaspersky Endpoint Security for Business, that is equipped with behaviour-based detection capabilities for effective protection against known and unknown threats, including exploits.

In addition to adopting essential endpoint protection, implement a corporate-grade security solution that detects advanced threats on the network level at an early stage, such as Kaspersky Anti Targeted Attack Platform.

Make sure your security team has access to the most recent cyberthreat intelligence.•

Last, but not least, ensure your staff is trained to understand and implement the basics in cybersecurity hygiene.

For further details on the new exploit see www.securelist.com


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Plan your media strategy with Technews Publishing
October 2019 , News
Dear Marketer, Have you ever looked back on a year and wondered how you survived it? For the majority of South Africans, 2019 started benignly enough, cosily wrapped in the blanket of Ramaphoria that ...

Read more...
The Open Security & Safety Alliance celebrates first anniversary
October 2019 , News
Membership triples within first 12 months; ongoing industry work reduces market fragmentation and friction across security and safety landscapes.

Read more...
AWS launches Equity Equivalent Investment Programme
October 2019 , News
Amazon Web Services launches Equity Equivalent Investment Programme with the department of trade and industry to help more South African businesses to innovate.

Read more...
30% of local consumers still use unsupported operating systems
October 2019, Kaspersky , Home Security
Many consumers and businesses still rely on unsupported or near end-of-life operating systems (OS) which is a security risk, according to Kaspersky research.

Read more...
2020 Residential Estate Security Conference in KZN
October 2019, Technews Publishing , News, Residential Estate (Industry)
Meeting the residential security challenges in 2020 and beyond: Hi-Tech Security Solutions will host the Residential Estate Security Conference 2020 in Durban on 12 March 2020.

Read more...
Drones and Digital Aviation Conference
October 2019 , News, Conferences & Events
Drones have opened airspaces for everyone in ways that humans had not imagined; to the extent that there is a drone to almost every kind of problem on earth. Drones already have the ability to increase ...

Read more...
From the editor's desk: What a year it has been!
November 2019, Technews Publishing , News
We’ve made it to the last issue of 2019. This year has been a tough one for the local security industry with almost everyone feeling the effects of the poor economy that shows no signs of recovery. Naturally ...

Read more...
Pelco appoints CEO
November 2019 , News
Pelco announced the appointment of Kurt Takahashi as chief executive officer, effective 1 November 2019.

Read more...
SAST demonstrates first open app store for AI video analytics
November 2019 , News
SAST demonstrated its open IoT platform for video surveillance cameras in September, showcasing real-world examples of the SAST camera operating system and global IoT marketplace.

Read more...
What are the cybersecurity issues in video surveillance?
November 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
he importance of the data captured by surveillance cameras – and what can be done with it – has led to a new breed of cybercriminals, looking for insights to steal and sell.

Read more...