The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals. […] Read More
BleepingComputer
Related Posts
Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors
Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors
[[{“value”:”The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT.
The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican Republic, and”}]] Read More
The Hacker News | #1 Trusted Cybersecurity News Site
Google Chrome 120 Released with Patch for 10 Critical Security Flaws
Google Chrome 120 Released with Patch for 10 Critical Security Flaws
Google has recently released Chrome 120 for Windows, Mac, and Linux. This version of Chrome comes with 10 security patches to ensure a safer browsing experience for its users.
The most recent versions of Chrome available to users are 120.0.6099.62 for Linux and macOS and 120.0.6099.62/.63 for Windows.
The most recent version of the Extended Stable channel is 120.0.6099.63 for Windows and 120.0.6099.62 for Mac. The update will be implemented over the next few days and weeks.
Security Vulnerabilities Addressed
Although ten security flaws are fixed overall, Google only lists the flaws external researchers disclose.
A high-severity issue was identified as CVE-2023-6508, used after free in Media Stream. This allowed a remote attacker to possibly exploit heap corruption via a crafted HTML page. Google awarded a $10,000 bounty after Cassidy Kim (@cassidy6564) reported it.
CVE-2023-6509 is a high-severity issue. Use it for free in Side Panel Search. This allowed a remote attacker who enticed a user to perform a specific UI interaction to possibly exploit heap corruption. Khalil Zhani reported this problem, and a bounty of $1,000 was given.
The next issue is tracked as CVE-2023-6510, Use after free in Media Capture, which is a medium-severity issue. After [pwn2car] reported this, a $1,000 bounty was given out.
Inappropriate implementation in Autofill is a low-severity bug identified as CVE-2023-6511. Google awarded a $2000 bounty after Ahmed ElMasry reported this.
A low-severity bug identified as CVE-2023-6512 relates to an inappropriate web browser user interface implementation. Om Apip reported it, and a $1,000 bounty was given out.
How to Update?
To view the most recent version on desktop devices, users of Google Chrome can navigate to Menu > Help > About Google Chrome or type chrome://settings/help into the address bar.
The browser looks for updates as soon as the website is accessed; it downloads and installs any that it finds. It ought to detect and install Chrome 120. To finish the update, the browser must be restarted.
Google recommends that users update to the most recent version of Google Chrome to prevent exploiting vulnerabilities.
The post Google Chrome 120 Released with Patch for 10 Critical Security Flaws appeared first on Cyber Security News.
Cyber Security News