Worse Than A Cheesy Christmas RomCom
Check your Firefox and Tor browsers for outstanding updates, as Russian hackers are exploiting a zero day on machines across North America and other continents. The first problem is with Firefox’s animation timeline feature which allowed code to execute within the web browser’s sandbox. It was actually patched back in October, but you should definitely check for any updates to ensure you are protected against this known threat as well as yet to be announced but likely already being exploited right now. The second issue is a privilege escalation flaw in the Windows Task Scheduler service which again allows code you do not want running outside of the sandbox, which wasn’t patched until last week.
The problem for users of the Tor browser is that one of the JavaScript exploits used in the attacks against Firefox is called main-tor.js, which implies RomCom is able to leverage these flaws in that browser as well. The attacks come from browser redirection, to a fake website the hackers controlled which would use the exploits to install whatever they wanted on the computer visiting the site, without any interaction by the user.
Stay safe out there!
