12/18/2023 0 Comments Qihoo 360 web browser“After that, if the attack succeeds, the attack code will be downloaded again as a proxy automatic configuration file (PAC file). The downloaded attack code is executed as a PAC file, and the malware is downloaded and executed. The Company has built one of the largest open Internet platforms in China and monetizes its massive user base primarily through online advertising and through Internet value-added services on its open platform. “When you are directed to the attack site with IE or Firefox, the attack code corresponding to the browser you accessed is returned.” states the JPCERT. Qihoo 360 also provides users with secure access points to the Internet via its market leading web browsers and application stores. Japan’s Computer Emergency Response Team Coordination Center (JPCERT/CC) published a report containing technical details on attacks exploiting both flaws and aimed at Japanese entities Qihoo experts also tracked the group as the “Peninsula APT,” likely because it refers to an APT group operating from Korea. The experts pointed out that the two vulnerabilities were exploited as part of a campaign aimed at Chinese government agencies and attributed to the DarkHotel APT, aka APT-C-06. The CVE-2020-0674 flaw could be triggered by tricking victims into visiting a website hosting a specially crafted content designed to exploit the issue through Internet Explorer.Īccording to the cybersecurity firm Qihoo 360, threat actors exploited both flaws before they have been addressed by Microsoft. The second flaw tracked as CVE-2020-0674 is an RCE affecting the Internet Explorer, Microsoft addressed it in February, The experts reported that the CVE-2019-17026 zero-day had been exploited by attackers along with an Internet Explorer zero-day, Qihoo 360 experts initially disclosed the discovery via Twitter, but later deleted the message. The vulnerability was reported to Mozilla by security experts from the Chinese firm Qihoo 360. In January, Mozilla confirmed that it’s aware of targeted attacks exploiting the CVE-2019-17026 zero-day, but it did not disclose details of the attacks. The CVE-2019-17026 flaw is an “IonMonkey type confusion with StoreElementHole and FallibleStoreElement,” where IonMonkey is the Just-in-Time (JIT) compiler for Firefox’s SpiderMonkey JavaScript engine. The first issue, tracked as CVE-2019-17026, affects the Firefox browser and was addressed in January.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |