CVE-2019-0539 Root Cause Analysis
A dive into the root cause analysis of CVE-2019-0539 in Chakra javascript engine
Perception Point Incident Response Team
Perception Point’s platform recently caught an advanced attack directed at one of our Financial Services customers delivered via a malicious MS Word document. Our analysis below provides a detailed understanding of the attack, its intent, and the damage it would have caused. Key observations regarding this attack:
Our client received an email that had been flagged malicious by Perception Point’s platform. This report examines the potential effect of the attack, in case the malicious file had not been blocked.
X-SES-Virus-Verdict: PASS X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=0 malwarescore=0 suspectscore=34 phishscore=0 bulkscore=0 spamscore=0 clxscore=375 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=282 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1810290075
This attack could have been very damaging for our customer, as it was well-disguised and very effective once released. Learn more about how Perception Point’s HAP (Hardware-Assisted Platform) is able to catch such attacks here
A dive into the root cause analysis of CVE-2019-0539 in Chakra javascript engine
From uncovering a VBS backdoor that quotes the Fibonacci sequence to receiving “trust worthy” emails.
What is phishing exactly, how the technique works and how to prevent it.
68 Articles