Sveriges mest populära poddar
CyberWire Daily

Files stolen from a sneaky SymStealer. [Research Saturday]

14 min11 mars 2023

Ron Masas of Imperva discusses their work, the "Google Chrome “SymStealer” Vulnerability. How to Protect Your Files from Being Stolen." By reviewing the ways the browser handles file systems, specifically searching for common vulnerabilities relating to how browsers process symlinks, the Imperva Red Team discovered that when files are dropped onto a file input, it’s handled differently.

Dubbing it as CVE-2022-40764, researchers found a vulnerability that "allowed for the theft of sensitive files, such as crypto wallets and cloud provider credentials." In result, over 2.5 billion users of Google Chrome and Chromium-based browsers were affected.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

CyberWire Daily med N2K Networks finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.