![]() How Duo Helps With Zero-Day Browser Attacks And the second zero-day was a “sandbox escape” that allowed malicious actors to bypass the Firefox protected process and execute code on the underlying operating session. reported that the first zero-day bug was "remote code execution" vulnerability that allowed remote attackers to run malicious code inside Firefox's native process. The Firefox browser zero-day bugs were a one-two-punch. ![]() ![]() The malware they used worked on both Mac and Windows and could collect passwords and other data,” according to. Mozilla was aware of the bug in ( CVE-2019-11707) in April but only patched it in June after a spear-phishing campaign was reported by Coinbase that used that zero-day bug combined with another zero-day bug ( CVE-2019-11708) that lured employees to a website “designed to automatically download and run an info-stealer if it's loaded on Firefox. But they are still a non-profit and like any technology, bugs exist. Mozilla has been a leader in browser privacy controls and consumer data protection. Zero-day vulnerabilities could potentially expose customers without warning and opens them up to the potential breach. Mozilla announced they “are aware of targeted attacks using this flaw” and urge all Firefox users to update their browser immediately with their latest discovery of a zero-day vulnerability. ![]() The bugs were used in tandem by malicious actors to target the employees of Coinbase, a cryptocurrency exchange marketplace and wallet. Can we all agree to that? Recently Mozilla’s Firefox browser patched not one, but two zero-day bugs in one week. Industry News JAbigail Bristow Browser Security: Mozilla’s 2-for-1 Zero-Day Flawsīrowser zero-day weak areas are thee worst. ![]()
0 Comments
Leave a Reply. |