'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor

The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit.

Follow Dark Reading:

November 27, 2024

LATEST SECURITY NEWS & COMMENTARY 'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit. Geico, Travelers Fined $11.3M for Lax Data Security New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims during the COVID-19 pandemic. Salt Typhoon Builds Out Malware Arsenal With GhostSpider The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected. OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site. Microsoft Finally Releases Recall as Part of Windows Insider Preview The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello. My Car Knows My Secrets, and I'm (Mostly) OK With That Imagine your car gossiping to insurance companies about your lead foot, or data brokers peddling your daily coffee run. Welcome to the world of connected cars, where convenience and privacy are locked in a head-on collision. (Sponsored Article) Are You Really Protected? The Myth of EDR-Driven Security Cybercriminals have become adept at bypassing traditional defenses to move freely across the network, putting our security stack into question. MORE NEWS / MORE COMMENTARY HOT TOPICS Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%. Closing the Cybersecurity Career Diversity Gap Diversity isn't just an issue of fairness — it's about operational excellence and ensuring we have the best possible teams defending our national security. BlackBasta Ransomware Brand Picks Up Where Conti Left Off New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much. MORE PRODUCTS & RELEASES CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce Study Finds 76% of Cybersecurity Professionals Believe AI Should Be Heavily Regulated MORE PRODUCTS & RELEASES EDITORS' CHOICE Fancy Bear 'Nearest Neighbor' Attack Uses Nearby Wi-Fi Network In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers. LATEST FROM THE EDGE 8 Tips for Hiring and Training Neurodivergent Talent Neurodivergent talent can add so much to a cybersecurity team. How can companies ensure they have the right hiring and onboarding practices in place to ensure their success? LATEST FROM DR TECHNOLOGY AWS Rolls Out Updates to Amazon Cognito Amazon Web Services' identity and access management platform has added new features that help developers implement secure, scalable, and customizable authentication solutions for their applications. LATEST FROM DR GLOBAL Israel Defies VC Downturn With More Cybersecurity Investments With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe. WEBINARS The Unreasonable Effectiveness of Inside Out Attack Surface Management Social Engineering: New Tricks, New Threats, New Defenses View More Dark Reading Webinars >> WHITE PAPERS The State of Cloud Native Security Report 2024 Product Review: Trend Vision One Cloud Security 2024 Cloud Security Report IDC White Paper: The Peril and Promise of Generative AI in Application Security Gartner Report: Cyber Asset Attack Surface Management The State of Asset Security: Uncovering Alarming Gaps & Unexpected Exposures Generative AI Gifts View More White Papers >> FEATURED REPORTS Managing Third-Party Risk Through Situational Awareness 2024 InformationWeek US IT Salary Report View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024 | Informa Tech | Privacy Statement | Terms & Conditions | Contact Us