{"id":9515,"date":"2024-11-27T10:58:40","date_gmt":"2024-11-27T17:58:40","guid":{"rendered":"https:\/\/jasonsblog.ddns.net\/?p=9515"},"modified":"2024-11-27T10:58:40","modified_gmt":"2024-11-27T17:58:40","slug":"russia-linked-hackers-exploited-firefox-and-windows-bugs-in-widespread-hacking-campaign","status":"publish","type":"post","link":"https:\/\/jasonsblog.ddns.net\/index.php\/2024\/11\/27\/russia-linked-hackers-exploited-firefox-and-windows-bugs-in-widespread-hacking-campaign\/","title":{"rendered":"Russia-Linked Hackers Exploited Firefox and Windows Bugs in \u2018Widespread\u2019 Hacking Campaign"},"content":{"rendered":"\n<p>Anything casting shade on the Russian government you have to treat with suspicion, but we do have a couple bugs that were fixed. The interesting part is to look at the dates of the open source project fixing theirs versus when Microsoft fixed theirs. Consequently, it&#8217;s just not good to use a Windows machine unprotected online as Microsoft won&#8217;t fix bugs for a month unless it&#8217;s significantly dangerous to a lot of corporate customers. Consequently, I run GNU\/Linux virtual machines on my Windows 10 box (at least for a few more months). You run the VMs full screen and it&#8217;s like Linux is installed natively as the OS, and VMware Workstation, now free for use, has good 3D graphics support for Debian and older LTS versions of Ubuntu. 
<\/p>\n\n\n\n<p><a href=\"https:\/\/techcrunch.com\/2024\/11\/26\/russia-linked-hackers-exploited-firefox-and-windows-zero-day-bugs-in-widespread-hacking-campaign\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/techcrunch.com\/2024\/11\/26\/russia-linked-hackers-exploited-firefox-and-windows-zero-day-bugs-in-widespread-hacking-campaign\/<\/a><\/p>\n\n\n<div class=\"wp-block-ub-divider ub_divider ub-divider-orientation-horizontal\" id=\"ub_divider_c167ff75-add6-46d8-88d6-a4db52f4580f\"><div class=\"ub_divider_wrapper\" style=\"position: relative; margin-bottom: 2px; width: 100%; height: 2px; \" data-divider-alignment=\"center\"><div class=\"ub_divider_line\" style=\"border-top: 2px solid #ccc; margin-top: 2px; \"><\/div><\/div><\/div>\n\n\n<p>By Carly Page<\/p>\n\n\n\n<p id=\"speakable-summary\">Security researchers have uncovered two previously unknown <a href=\"https:\/\/techcrunch.com\/2024\/11\/05\/techcrunch-reference-guide-to-security-terminology\/#zero-day\">zero-day vulnerabilities<\/a> that are being actively exploited by RomCom, a Russian-linked hacking group, to target Firefox browser users and Windows device owners across Europe and North America.<\/p>\n\n\n\n<p>RomCom is a cybercrime group that is known to carry out cyberattacks and <a href=\"https:\/\/techcrunch.com\/2023\/05\/15\/cybercriminals-who-targeted-ukraine-are-actually-russian-government-hackers-researchers-say\/\">other digital intrusions for the Russian government<\/a>. 
The group \u2014 which was last month linked to a <a href=\"https:\/\/techcrunch.com\/2024\/11\/05\/techcrunch-reference-guide-to-security-terminology\/#zero-day\">ransomware attack targeting Japanese tech giant Casio<\/a> \u2014 is also known for its aggressive stance against organizations allied with Ukraine, which Russia invaded in 2014.<\/p>\n\n\n\n<p>Researchers with security firm ESET say they found evidence that RomCom combined use of the two zero-day bugs \u2014 described as such because the software makers had no time to roll out fixes before they were used to hack people \u2014 to create a \u201czero click\u201d exploit, which allows the hackers to remotely plant malware on a target\u2019s computer without any user interaction.<\/p>\n\n\n\n<p>\u201cThis level of sophistication demonstrates the threat actor\u2019s capability and intent to develop stealthy attack methods,\u201d ESET researchers Damien Schaeffer and Romain Dumont <a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/romcom-exploits-firefox-and-windows-zero-days-in-the-wild\/\">said in a blog post on Monday<\/a>.<\/p>\n\n\n\n<p>RomCom\u2019s targets would have to visit a malicious website controlled by the hacking group in order to trigger the zero-click exploit. Once exploited, RomCom\u2019s eponymous backdoor would be installed on the victim\u2019s computer, allowing broad access to a victim\u2019s device.<\/p>\n\n\n\n<p>Schaeffer told TechCrunch that the number of potential victims from RomCom\u2019s \u201cwidespread\u201d hacking campaign ranged from a single victim per country to as many as 250 victims, with the majority of targets based in Europe and North America.<\/p>\n\n\n\n<p>Mozilla patched the vulnerability in Firefox on October 9, a day after ESET alerted the browser maker. 
The Tor Project, which <a href=\"https:\/\/techcrunch.com\/2024\/09\/30\/vpn-providers-do-not-protect-your-privacy-online-here-is-what-can\/\">develops the Tor Browser<\/a> based on Firefox\u2019s codebase, also patched the vulnerability, though Schaeffer told TechCrunch that ESET has seen no evidence that the Tor Browser was exploited during this hacking campaign.<\/p>\n\n\n\n<p>Microsoft patched the vulnerability affecting Windows on November 12. Security researchers with Google\u2019s Threat Analysis Group, which investigates government-backed cyberattacks and threats, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-49039\">reported the bug<\/a> to Microsoft, suggesting that the exploit may have been used in other government-backed hacking campaigns.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Anything casting shade on the Russian government you have to treat with suspicion, but we do have a couple bugs that were fixed. The interesting part is to look at the dates of the open source project fixing theirs versus when Microsoft fixed theirs. 
Consequently, it&#8217;s just not good to use a Windows machine unprotected online [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-9515","post","type-post","status-publish","format-standard","hentry","category-tech"],"blocksy_meta":[],"featured_image_src":null,"author_info":{"display_name":"Jason","author_link":"https:\/\/jasonsblog.ddns.net\/index.php\/author\/jturning\/"},"_links":{"self":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/9515","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/comments?post=9515"}],"version-history":[{"count":1,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/9515\/revisions"}],"predecessor-version":[{"id":9516,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/9515\/revisions\/9516"}],"wp:attachment":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/media?parent=9515"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/categories?post=9515"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/tags?post=9515"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}