CVE-2024-7971

Vulnerability updated a month ago (2024-08-22T19:15:30.956Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2024-7971 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Google

Vulnerability

Microsoft

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

ID	Type	Votes	Profile Description
AppleJeus	Unspecified	2	AppleJeus is a potent malware designed to infiltrate systems and steal cryptocurrency-related assets. It was first identified by the Cybersecurity and Infrastructure Security Agency (CISA) in 2021 as part of a cryptocurrency-themed Kupay Wallet macOS malware package during an AppleJeus campaign. The

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

ID	Type	Votes	Profile Description
Citrine Sleet	Unspecified	2	Citrine Sleet, also known as Gleaming Pisces, AppleJeus, Labyrinth Chollima, UNC4736, and Hidden Cobra, is a threat actor believed to be associated with North Korea's Reconnaissance General Bureau. This group has been implicated in a series of targeted cyberattacks against the cryptocurrency industr

Source Document References

Information about the CVE-2024-7971 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
DARKReading	15 days ago	North Korean APT Exploits Novel Chromium, Windows Bugs to Steal Crypto
BankInfoSecurity	16 days ago	North Korean Hackers Tied to Exploits of Chromium Zero-Day
Securityaffairs	17 days ago	Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	18 days ago	North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit - Security Affairs
Securityaffairs	21 days ago	U.S. CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog
CISA	22 days ago	CISA Adds One Known Exploited Vulnerability to Catalog \| CISA
Canadian Centre for Cyber Security	a month ago	Google Chrome security advisory (AV24-474) - Canadian Centre for Cyber Security
DARKReading	a month ago	Google Chrome Update Fixes Flaw Exploited in the Wild
Malwarebytes	a month ago	Google patches actively exploited zero-day in Chrome. Update now! \| Malwarebytes