APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Operation – Active IOCs

November 29, 2024

DarkCrystal RAT aka DCRat – Active IOCs

November 30, 2024

Multiple Google Chrome Vulnerabilities

November 29, 2024

Severity

Medium

Analysis Summary

CVE-2024-9963 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in Downloads. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-9962 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Permissions. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-9964 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Payments. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

Impact

Security Bypass

Indicators of Compromise

CVE

CVE-2024-9963
CVE-2024-9962
CVE-2024-9964

Affected Vendors

Google

Affected Products

Google Chrome - 130.0
Google Chrome - 130.0.6723.58

Remediation

Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Website.

Google Chrome Releases Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us