InfoSecBulletin Cybersecurity for mankind
Google released an urgent security update for Chrome browser. The update fixes a critical vulnerability that is already being exploited by hackers. The vulnerability, known as CVE-2024-4671, is a bug in the browser’s Visuals component.
CVE-2024-4671 is a type of vulnerability referred to as “use after free” in the Visuals component of the Chrome browser. This vulnerability occurs when dynamic memory is not properly handled during program operation. If a memory location is freed but the pointer to that memory is not cleared, an attacker can take advantage of this to run code on the system. This can result in unauthorized access or manipulation of data, or even control over the affected system.
BCSI BLOG POST
SonicWALL Vulnerability Traded; threating for Corporate network in Bangladesh
Banking trojan Grandoreiro targeting about 1,500 banks over 60 countries
Australian gov.t warns of ‘large-scale ransomware data breach’
Patch Now: CISA Warns of Actively Exploited D-Link Router Vulnerabilities
New “Antidot” Banking Trojan disguised Fake Google Play Updates
CISA Published Encrypted DNS Implementation Guidance
Cyble Research
Transparent Tribe & SideCopy: A Cyber Alliance Targeting India
Recordedfuture report
Hackers Exploit GitHub to Spread Malware targeting operating systems
ALERT
CISA issued Seventeen Industrial Control Systems Advisories
Intel released 41 Security Advisories Over 90 Vulnerabilities
An anonymous researcher found a vulnerability and reported it to Google. The company quickly acknowledged the threat and released updates within two days to protect users.
Emergency updates have been released for Chrome users on the Stable Desktop channel. The updates are available for Mac, Windows, and Linux, with versions 124.0.6367.201 and 124.0.6367.202 for Mac and Windows, and version 124.0.6367.201 for Linux. The purpose of these updates is to fix a vulnerability and prevent potential exploits.
