What are the dangers of browser extensions?
Each of us has probably installed some kind of browser extension at least once: an ad blocker, an online translator, a spellchecker or something else. However, few of us stop to think: is it safe? Unfortunately, these seemingly innocuous mini-apps can be far more dangerous than they seem at first glance. Let’s see what might go wrong. For this, we shall use data from our … [Read more...] about What are the dangers of browser extensions?
New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable
A novel phishing technique called browser-in-the-browser (BitB) attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks. According to penetration tester and security researcher, who goes by the handle mrd0x_, the method takes advantage of third-party single … [Read more...] about New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable
New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking
A software bug introduced in Apple Safari 15's implementation of the IndexedDB API could be abused by a malicious website to track users' online activity in the web browser and worse, even reveal their identity. The vulnerability, dubbed IndexedDB Leaks, was disclosed by fraud protection software company FingerprintJS, which reported the issue to the iPhone maker on November … [Read more...] about New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking
Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs
An unidentified threat actor has been exploiting a now-patched zero-day flaw in Internet Explorer browser to deliver a fully-featured VBA-based remote access trojan (RAT) capable of accessing files stored in compromised Windows systems, and downloading and executing malicious payloads as part of an "unusual" campaign. The backdoor is distributed via a decoy document named … [Read more...] about Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs
Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users
Brave has fixed a privacy issue in its browser that sent queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thus exposing users' visits to dark web websites. The bug was addressed in a hotfix release (V1.20.108) made available yesterday. Brave ships with a built-in feature called "Private Window with Tor" that integrates the … [Read more...] about Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users
New Chrome Zero-Day Under Active Attacks – Update Your Browser
Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The company released 86.0.4240.183 for Windows, Mac, and Linux, which it said will be rolling out over the coming days/weeks to all users. The zero-day flaw, tracked as CVE-2020-16009, was reported by … [Read more...] about New Chrome Zero-Day Under Active Attacks – Update Your Browser
New Chrome 0-day Under Active Attacks – Update Your Browser Now
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the wild … [Read more...] about New Chrome 0-day Under Active Attacks – Update Your Browser Now
New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which … [Read more...] about New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!
Update Google Chrome Browser to Patch New Critical Security Flaws
Google has released an urgent software update for its Chrome web browser and is urging Windows, Mac, and Linux users to upgrade the application to the latest available version immediately.Started rolling out to users worldwide this Wednesday, the Chrome 77.0.3865.90 version contains security patches for 1 critical and 3 high-risk security vulnerabilities, the most severe of … [Read more...] about Update Google Chrome Browser to Patch New Critical Security Flaws