Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chaining together two zero-day vulnerabilities armed RomCom with an exploit that requires no user interaction,” ESET researchers said. The campaign leveraging the zero-click exploit CVE-2024-9680 allowed the attackers to execute code in the restricted context of the browser and CVE-2024-49039 allowed it … More

The post RomCom hackers chained Firefox and Windows zero-days to deliver backdoor appeared first on Help Net Security.