An Interest In:
Web News this Week
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
- April 18, 2024
Some of Our Sources
- Engadget
- Technology Review
- Simplebits
- Six Revisions
- Vandelay Design
- Noupe
- My Ink Blog
- Fudge Graphics
- Freelance Switch
- Android Dissected
Help Webnuz
Referal links:
June 20, 2019 04:01 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ajlMnFKJ04w/firefox-zero-day-was-used-in-attack-against-coinbase-employees-not-its-users
Firefox Zero-Day Was Used In Attack Against Coinbase Employees, Not Its Users
An anonymous reader writes: A recent Firefox zero-day that has made headlines across the tech news world this week was actually used in attacks against Coinbase employees, and not the company's users. Furthermore, the attacks used not one, but two Firefox zero-days, according to Philip Martin, a member of the Coinbase security team, which reported the attacks to Mozilla. One was an RCE reported by a Google Project Zero security researcher to Mozilla in April, and the second was a sandbox escape that was spotted in the wild by the Coinbase team together with the RCE, on Monday. The question here is how an attacker managed to get hold of the details for the RCE vulnerability and use it for his attacks after the vulnerability was privately reported to Mozilla by Google. The attacker could have found the Firefox RCE on his own, he could have bribed a Mozilla/Google insider, hacked a Mozilla/Google employee and viewed details about the RCE, or hacked Mozilla's bug tracker, like another attacker did in 2015.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ajlMnFKJ04w/firefox-zero-day-was-used-in-attack-against-coinbase-employees-not-its-users
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot