

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Operation – Active IOCs
November 29, 2024
DarkCrystal RAT aka DCRat – Active IOCs
November 30, 2024
APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Operation – Active IOCs
November 29, 2024
DarkCrystal RAT aka DCRat – Active IOCs
November 30, 2024Severity
Medium
Analysis Summary
CVE-2024-9963 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in Downloads. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2024-9962 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Permissions. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2024-9964 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Payments. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
Impact
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-9963
- CVE-2024-9962
- CVE-2024-9964
Affected Vendors
Affected Products
- Google Chrome - 130.0
- Google Chrome - 130.0.6723.58
Remediation
Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Website.