Lucene search

K
hiveproHive ProHIVEPRO:2FBDBD20FF69ADDF5A541D1E5B3D0809
HistoryJul 28, 2022 - 6:06 a.m.

Spyware Group Candiru exploits Chrome Zero-Day to Target Middle East

2022-07-2806:06:37
Hive Pro
www.hivepro.com
40

0.012 Low

EPSS

Percentile

84.9%

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Candiru(Saito Tech) spyware used the recently fixed CVE-2022-2294 Chrome zero-day in assaults on journalists, with a substantial portion of the attacks taking place in Lebanon. This recently patched vulnerability in WebRTC is a heap-based buffer overflow. Its successful exploitation may result in code execution on the targeted device.