SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Indian human rights advocates targeted by NetWire malware
Description: Attackers targeted several human rights activists in India between January and October of 2019 with the NetWire malware, attempting to intercept their communications. Researchers say the victims opened spear-phishing emails, which eventually led to the infection. NetWire can steal users' audio recordings, steal credentials and log keystrokes. All the targets are advocating for the release of protestors who were jailed after demonstrations in 2018.
Snort SIDs: 54284, 54285
Title: Remote code execution vulnerability in Firefox's SharedWorkerService function
Description: The Mozilla Firefox web browser contains a vulnerability in its SharedWorkerService function that could allow an attacker to gain the ability to remotely execute code on a target's machine. This vulnerability can be triggered if the user visits a malicious web page. The attacker can design this page in a way that it would cause a race condition, eventually leading to a use-after-free vulnerability and remote code execution.
Snort SIDs: 53759, 53760