In a separate technical write-up, South Korean cybersecurity firm ENKI said the North Korean state-sponsored hacking group known as Lazarus made an unsuccessful attempt at targeting its security researchers with malicious MHTML files that, when opened, downloaded two payloads from a remote server, one of which contained a zero-day against Internet Explorer. Join now, it’s free - Browsec free VPN service protects your public Wi-Fi connections from anyone trying to steal your personal data, passwords and other information transferred over the network.
Browsec is trusted by over 7 million users. With some researchers infected simply by visiting a fake research blog on fully patched systems running Windows 10 and Chrome browser, Microsoft, in a report published on January 28, had hinted that the attackers likely leveraged a Chrome zero-day to compromise the systems.Īlthough it's not immediately clear if CVE-2021-21148 was used in these attacks, the timing of the revelations and the fact that Google's advisory came out exactly one day after Buelens reported the issue implies they could be related. In Chrome Settings, enable Allow from this Source option when asked. Browsec free VPN - the best way to stay safe while accessing the Internet. Tor Browser already comes with HTTPS Everywhere, NoScript, and other patches to protect your.
#Browsec premium for chrome patch install
While it's typical of Google to limit details of the vulnerability until a majority of users are updated with the fix, the development comes weeks after Google and Microsoft disclosed attacks carried out by North Korean hackers against security researchers with an elaborate social engineering campaign to install a Windows backdoor. Plugins or addons may bypass Tor or compromise your privacy.
Previously on February 2, Google addressed six issues in Chrome, including one critical use after free vulnerability in Payments (CVE-2021-21142) and four high severity flaws in Extensions, Tab Groups, Fonts, and Navigation features.