FireEye Latest Research: How To Avoid Imposter Browser Updates

This morning, cybersecurity research firm FireEye released a report on how cyber attackers increasingly targeting organizations with multimillion-dollar disruptive ransomware via “FakeUpdates,” or imposter browser updates. The research furthers the notion that attackers are continuing to evolve their TTPs especially as fewer victims opt to pay the ransom.

Grant McCracken, Director, Solutions Architecture,  Bugcrowd
October 02, 2019
The attacker is able to fully manipulate the content of the webpage.
FireEye’s latest research on how malicious actors leverage FakeUpdates to get malware onto victim’s machines underscores the real-world importance and value of vulnerabilities such as cross-site scripting (XSS), HTML injection, or open redirects that are often commonly perceived in the market as being “low value”. What this research shows, is that those attacks, often mixed with social eng ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments

In this article