FreshRSS

🔒
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

By Newsroom
Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash. <!-- adsense --> "By reading out-of-bounds memory, an attacker might be able to

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

By Newsroom
Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier&nbsp;CVE-2023-7024, has been described as a&nbsp;heap-based buffer overflow bug&nbsp;in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément

New Malvertising Campaign Distributing PikaBot Disguised as Popular Software

By Newsroom
The malware loader known as PikaBot is being distributed as part of a&nbsp;malvertising&nbsp;campaign&nbsp;targeting users searching for legitimate software like AnyDesk. "PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577," Malwarebytes' Jérôme Segura&nbsp;said. The malware family,

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

By Newsroom
Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as&nbsp;CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have

Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now

By THN
Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash. Apple Security Engineering and Architecture (SEAR

Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies

By THN
Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users, nearly four months after it announced the plans. "We believe it is vital to both improve privacy and preserve access to information, whether it's news, a how-to-guide, or a fun video," Anthony Chavez, vice president of Privacy Sandbox initiatives at Google, said. "Without viable

Enhancing TLS Security: Google Adds Quantum-Resistant Encryption in Chrome 116

By THN
Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116. "Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115," Devon O'Brien said in a post published Thursday. Kyber was chosen by the U.S. Department of Commerce's

New Statc Stealer Malware Emerges: Your Sensitive Data at Risk

By THN
A new information malware strain called Statc Stealer has been found infecting devices running Microsoft Windows to siphon sensitive personal and payment information. "Statc Stealer exhibits a broad range of stealing capabilities, making it a significant threat," Zscaler ThreatLabz researchers Shivam Sharma and Amandeep Kumar said in a technical report published this week. "It can steal

New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3

By THN
Cybersecurity researchers have discovered a new version of malware called Rilide that targets Chromium-based web browsers to steal sensitive data and steal cryptocurrency. "It exhibits a higher level of sophistication through modular design, code obfuscation, adoption to the Chrome Extension Manifest V3, and additional features such as the ability to exfiltrate stolen data to a Telegram channel

S3 Ep138: I like to MOVEit, MOVEit

By Paul Ducklin
Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available...)

s3-ep138-1200

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

By Ravie Lakshmanan
Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023. "Type

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

By Ravie Lakshmanan
Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024. "This will support developers in conducting

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram

By Paul Ducklin
These malware peddlers are specifically going after Mac users. The hint's in the name: "Atomic macOS Stealer", or AMOS for short.

S3 Ep132: Proof-of-concept lets anyone hack at will

By Paul Ducklin
When Doug says, "Happy Remote Code Execution Day, Duck"... it's irony. For the avoidance of all doubt :-)

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

By Ravie Lakshmanan
Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. The tech giant's Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to "not only hold criminal operators of malware accountable, but also those who profit from its distribution.

Double zero-day in Chrome and Edge – check your versions now!

By Paul Ducklin
Wouldn't it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?

CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug

By Ravie Lakshmanan
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The three vulnerabilities are as follows - CVE-2023-28432 (CVSS score - 7.5) - MinIO Information Disclosure Vulnerability  CVE-2023-27350 (CVSS score - 9.8) - PaperCut MF/NG Improper Access Control

Google Chrome Hit by Second Zero-Day Attack - Urgent Patch Update Released

By Ravie Lakshmanan
Google on Tuesday rolled out emergency fixes to address another actively exploited high-severity zero-day flaw in its Chrome web browser. The flaw, tracked as CVE-2023-2136, is described as a case of integer overflow in Skia, an open source 2D graphics library. Clément Lecigne of Google's Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on April 12, 2023. "

Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability

By Ravie Lakshmanan
Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts

By Ravie Lakshmanan
Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to harvest Facebook session cookies and hijack the accounts. The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal. It was originally

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

By Ravie Lakshmanan
A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware. "By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus," Guardio

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

By Ravie Lakshmanan
A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format. "These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games," AhnLab Security Emergency response Center (ASEC) said in a report last week. ChromeLoader (aka

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players' Systems

By Ravie Lakshmanan
An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena (MOBA) video game that could have been exploited to establish backdoor access to players' systems. The modes exploited a high-severity flaw in the V8 JavaScript engine tracked as CVE-2021-38003 (CVSS score: 8.8), which was exploited as a zero-day and addressed by Google in October 2021. "Since V8

New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices

By Ravie Lakshmanan
A new exploit has been devised to "unenroll" enterprise- or school-managed Chromebooks from administrative control. Enrolling ChromeOS devices makes it possible to enforce device policies as set by the organization via the Google Admin console, including the features that are available to users. "Each enrolled device complies with the policies you set until you wipe or deprovision it," Google 

Experts Detail Chromium Browser Security Flaw Putting Confidential Data at Risk

By Ravie Lakshmanan
Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data. "The issue arose from the way the browser interacted with symlinks when processing files and directories," Imperva researcher Ron Masas said. "Specifically, the browser did not properly check

Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability

By Ravie Lakshmanan
Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on November 29, 2022. Type confusion

Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, & Windows Zero-Days

By Ravie Lakshmanan
A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018. "Their Heliconia framework exploits n-day vulnerabilities in Chrome, Firefox, and Microsoft Defender, and provides all the tools necessary to

Chrome fixes 8th zero-day of 2022 – check your version now (Edge too!)

By Paul Ducklin
There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

By Ravie Lakshmanan
Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based buffer overflow bugs can be 

“This Connection Is Not Private” – What it Means and How to Protect Your Privacy

By McAfee

Have you ever been browsing online and clicked a link or search result that took you to a site that triggers a “your connection is not private” or “your connection is not secureerror code? If you’re not too interested in that particular result, you may simply move on to another result option. But if you’re tempted to visit the site anyway, you should be sure you understand what the warning means, what the risks are, and how to bypass the error if you need to.   

What does “this connection is not private” mean?

A “your connection is not private” error means that your browser cannot determine with certainty that a website has safe encryption protocols in place to protect your device and data. You can bump into this error on any device connected to the internet — computer, smartphone, or tablet.  

So, what exactly is going on when you see the “this connection is not private” error?  

For starters, it’s important to know that seeing the error is just a warning, and it does not mean any of your private information is compromised. A “your connection is not privateerror means the website you were trying to visit does not have an up-to-date SSL (secure sockets layer) security certificate. 

Website owners must maintain the licensing regularly to ensure the site encryption capabilities are up to date. If the website’s SSL certificate is outdated, it means the site owners have not kept their encryption licensing current, but it doesn’t necessarily mean they are up to no good. Even major websites like LinkedIn have had momentary lapses that would throw the error. LinkedIn mistakenly let their subdomain SSL certificates lapse.  

In late 2021, a significant provider of SSL certificates, Let’s Encrypt, went out of business. When their root domain officially lapsed, it created issues for many domain names and SSL certificates owned by legitimate companies. The privacy error created problems for unwitting businesses, as many of their website visitors were rightfully concerned about site security.  

While it does not always mean a website is unsafe to browse, it should not be ignored. A secure internet connection is critical to protecting yourself online. Many nefarious websites are dangerous to visit, and this SSL certificate error will protect you from walking into them unaware.   

SSL certification standards have helped make the web a safer place to transact. It helps ensure online activities like paying bills online, ordering products, connecting to online banking, or keeping your private email accounts safe and secure. Online security continues to improve with a new Transport Layer Security (TLS) standard, which promises to be the successor protocol to SSL. 

So be careful whenever visiting sites that trigger the “connection is not private” error, as those sites can potentially make your personal data less secure and make your devices vulnerable to viruses and malware 

Note: The “your connection is not private” error is Google Chrome‘s phrasing. Microsoft Edge or Mozilla Firefox users will instead see a “your connection is not secure” error as the warning message.   

How to fix the “connection is not private” error

If you feel confident that a website or page is safe, despite the warning from your web browser, there are a few things you can do to troubleshoot the error.  

  • Refresh the page. In some cases, the error is just a momentary glitch. Try reloading the page to rule out a temporary error.  
  • Close browser and reopen. Closing and reopening your web browser might also help clear a temporary glitch.  
  • If you’re on public WiFi, think twice. Hackers often exploit public WiFi because their routers are usually not as secure or well-maintained for security. Some public WiFi networks may not have an SSL connection, or they may limit your access to websites. You can safely browse more securely in public spaces if you have an antivirus software or virtual private network (VPN) solution. 
  • Use “Incognito” mode. The most used browsers (Google Chrome browser, Mac‘s Safari, Mozilla Firefox, and Microsoft Edge) offer an “Incognito mode” that lets you browse without data collecting in your history or cache. Open the site in a new incognito window and see if the error still appears.  
  • Clear the cache on your browser. While cookies make browsing the web more convenient and personalized, they also can hold on to sensitive information. Hackers will take advantage of cached data to try and get passwords, purchase information, and anything else they can exploit. Clear browsing data before going to a site with the “connection is not secure” error to help limit available data for hackers 
  • Check the computer’s date and time. If you frequently see the “connection is not private” error, you should check and ensure your computer has the accurate time and date. Your computer’s clock can sometimes have time and date stamp issues and get glitchy in multiple ways. If it’s incorrect, adjust the date and set the time to the correct settings.  
  • Check your antivirus software. If your antivirus software is sensitive, you may have to disable it momentarily to bypass the error. Antivirus software protects you, so you should be careful to remember to turn the software back on again after you’ve bypassed the error.  
  • Be sure your browsers and operating systems are up to date. You should always keep your critical software and the operating system fully updated. An outdated browser can start getting buggy and can increase the occurrence of this kind of error.  
  • Research the website. Do a quick search for the company of the website you wish to visit and make sure they are a legitimate business. You can search for reviews, Better Business Bureau ratings, or check for forums to see if others are having the same issue. Be sure you are spelling the website address correctly and that you have the correct URL for the site. Hackers can take advantage of misspellings or alternative URLs to try and snare users looking for trusted brands. 
  • If it’s not you, it’s them. If you’ve tried all the troubleshooting techniques above and you still see the error, the problem is likely coming from the site itself. If you’re willing to take your chances (after clearing your browser’s cache), you can click the option to “proceed to the domain,” though it is not recommended. You may have to choose “advanced settings” and click again to visit the site.   

Remember, you are taking your chances anytime you ignore an error. As we mentioned, you could leave yourself vulnerable to hackers after your passwords, personal information, and other risks.  

How to protect your privacy when browsing online

Your data and private information are valuable to hackers, so they will continue to find new ways to try and procure it. Here are some ways to protect yourself and your data when browsing online.  

  • Antivirus solutions are, hands down, your best line of protection against hacking. Solutions like McAfee+ Ultimate offer all the tools you need to secure your data and devices.  
  • Use strong passwords and two-factor authentication when available. 
  • Delete unused browser extensions (or phone apps) to reduce access. 
  • Always keep your operating system and browsers up-to-date. You can open system preferences and choose to update your system automatically. 
  • Use a secure VPN solution to shield your data when browsing. 
  • Use your favorite browser’s incognito mode to reduce the data connected to your devices. 
  • Remove any 3rd party apps from your social media accounts — especially if you’ve recently taken a Facebook quiz or similar (also, don’t take Facebook quizzes). 
  • Engage the highest privacy settings in each of your browsers. 
  • Always check the address bar for HTTPS before sharing credit cards or other sensitive data on a website. 
  • Share less personal and private information on social media.  

Discover how McAfee keeps you and your data safe from threats

As we continue to do more critical business online, we must also do our best to address the risks of the internet’s many conveniences.  

A comprehensive cybersecurity tool like McAfee+ Ultimate can help protect you from online scams, identity theft, and phishing attempts, and ensure you always have a secure connection. McAfee helps keep your sensitive information out of the hands of hackers and can help you keep your digital data footprints lighter with personal data cleanup.  

With McAfee’s experts on your side, you can enjoy everything the web offers with the confidence of total protection. 

The post “This Connection Is Not Private” – What it Means and How to Protect Your Privacy appeared first on McAfee Blog.

How to Tell Whether a Website Is Safe or Unsafe

By McAfee

It’s important to know that not all websites are safe to visit. In fact, some sites may contain malicious software (malware) that can harm your computer or steal your personal contact information or credit card numbers.  

Phishing is another common type of web-based attack where scammers try to trick you into giving them your personal information, and you can be susceptible to this if you visit a suspicious site.  

Identity theft is a serious problem, so it’s important to protect yourself when browsing the web. Online security threats can be a big issue for internet users, especially when visiting new websites or following site links. 

So how can you tell if you’re visiting a safe website or an unsafe website? You can use a few different methods. This page discusses key things to look for in a website so you can stay safe online. 

Key signs of website safety and security

When you’re visiting a website, a few key indicators can help determine whether the site is safe. This section explores how to check the URL for two specific signs of a secure website. 

”Https:” in the website URL

“Https” in a website URL indicates that the website is safe to visit. The “s” stands for “secure,” and it means that the website uses SSL (Secure Sockets Layer) encryption to protect your information. A verified SSL certificate tells your browser that the website is secure. This is especially important when shopping online or entering personal information into a website. 

When you see “https” in a URL, the site is using a protocol that encrypts information before it’s sent from your computer to the website’s server. This helps prevent anyone from intercepting and reading your sensitive information as it’s transmitted. 

A lock icon near your browser’s URL field

The padlock icon near your browser’s URL field is another indicator that a webpage is safe to visit. This icon usually appears in the address bar and means the site uses SSL encryption. Security tools and icon and warning appearances depend on the web browser. 

Let’s explore the cybersecurity tools on the three major web browsers: 

  • Safari. In the Safari browser on a Mac, you can simply look for the lock icon next to the website’s URL in the address bar. The lock icon will be either locked or unlocked, depending on whether the site uses SSL encryption. If it’s an unsafe website, Safari generates a red-text warning in the address bar saying “Not Secure” or “Website Not Secure” when trying to enter information in fields meant for personal data or credit card numbers. Safari may also generate an on-page security warning stating, “Your connection is not private” or “Your connection is not secure.” 
  • Google Chrome. In Google Chrome, you’ll see a gray lock icon (it was green in previous Chrome versions) on the left of the URL when you’re on a site with a verified SSL certificate. Chrome has additional indicator icons, such as a lowercase “i” with a circle around it. Click this icon to read pertinent information on the site’s cybersecurity. Google Safe Browsing uses security tools to alert you when visiting an unsafe website. A red caution symbol may appear to the left of the URL saying “Not secure.” You may also see an on-page security message saying the site is unsafe due to phishing or malware. 
  • Firefox. Like Chrome, Mozilla’s Firefox browser will tag all sites without encryption with a distinctive marker. A padlock with a warning triangle indicates that the website is only partially encrypted and may not prevent cybercriminals from eavesdropping. A padlock with a red strike over it indicates an unsafe website. If you click on a field on the website, it’ll prompt you with a text warning stating, “This connection is not secure.” 

In-depth ways to check a website’s safety and security

Overall, the ”https” and the locked padlock icon are good signs that your personal data will be safe when you enter it on a website. But you can ensure a website’s security is up to par in other ways. This section will explore five in-depth methods for checking website safety. 

Use McAfee WebAdvisor

McAfee WebAdvisor is a free toolbar that helps keep you safe online. It works with your existing antivirus software to provide an extra layer of protection against online threats. WebAdvisor also blocks unsafe websites and lets you know if a site is known for phishing or other malicious activity. In addition, it can help you avoid online scams and prevent you from accidentally downloading malware. Overall, McAfee WebAdvisor is a useful tool that can help you stay safe while browsing the web. 

Website trust seals

When you’re browsing the web, it’s important to be able to trust the websites you’re visiting. One way to determine if a website is trustworthy is to look for trust seals. Trust seals are logos or badges that indicate a website is safe and secure. They usually appear on the homepage or checkout page of a website. 

There are many types of trust seals, but some of the most common include the Better Business Bureau (BBB) seal, VeriSign secure seal, and the McAfee secure seal. These seals indicate that a third-party organization has verified the website as safe and secure. 

While trust seals can help determine whether a website is trustworthy, it’s important to remember that they are not foolproof. Website owners can create a fake trust seal, so it’s always important to do your own research to ensure a website is safe before entering personal information. 

Check for a privacy policy

Another way to determine if a website is safe to visit is to check for a privacy policy. A privacy policy is a document that outlines how a website collects and uses personal information. It should also state how the site protects your data from being accessed or shared by scammers, hackers, or other unauthorized individuals. 

If a website doesn’t have a privacy policy, that’s a red flag that you shouldn’t enter any personal information on the site. Even if a website does have a privacy policy, it’s important to read it carefully so you understand how the site uses your personal data. 

Check third-party reviews

It’s important to do some preliminary research before visiting a new website, especially if you’re shopping online or entering personal data like your address, credit card, or phone number. One way to determine if a website is safe and trustworthy is to check third-party reviews. Several websites provide reviews of other websites, so you should be able to find several reviews for any given site.  

Trustpilot is one example of a website that provides reviews of other websites. 

Look for common themes when reading reviews. If most of the reviews mention that a website is safe and easy to use, it’s likely that the site is indeed safe to visit. However, if a lot of negative reviews mention problems with viruses or malware, you might want to avoid the site. 

Look over the website design

You can also analyze the website design when deciding whether a website is safe to visit. Look for spelling errors, grammatical mistakes, and anything that appears off. If a website looks like it was made in a hurry or doesn’t seem to be well-designed, that’s usually a red flag that the site might not be safe. 

Be especially careful of websites that have a lot of pop-ups. These sites are often spammy or contain malware. Don’t download anything from a website unless you’re absolutely sure it’s safe. These malicious websites rarely show up on the top of search engine results, so consider using a search engine to find what you’re looking for rather than a link that redirects you to an unknown website. 

Download McAfee WebAdvisor for free and stay safe while browsing

If you’re unsure whether a website is safe to visit, download McAfee WebAdvisor for free. McAfee WebAdvisor is a program that helps protect you from online threats, such as malware and viruses. It also blocks pop-ups and other intrusive ads so you can browse the web without worry. Plus, it’s completely free to download and use. 

Download McAfee WebAdvisor now and stay safe while browsing the web. 

The post How to Tell Whether a Website Is Safe or Unsafe appeared first on McAfee Blog.

This Malware Installs Malicious Browser Extensions to Steal Users' Passwords and Cryptos

By Ravie Lakshmanan
A malicious extension for Chromium-based web browsers has been observed to be distributed via a long-standing Windows information stealer called ViperSoftX. Czech-based cybersecurity company dubbed the rogue browser add-on VenomSoftX owing to its standalone features that enable it to access website visits, steal credentials and clipboard data, and even swap cryptocurrency addresses via an

Microsoft’s Edge over Popups (and Google Chrome)

By McAfee Labs

Following up on our previous blog, How to Stop the Popups, McAfee Labs saw a sharp decrease in the number of deceptive push notifications reported by McAfee consumers running Microsoft’s Edge browser on Windows.

Such browser-delivered push messages appear as toaster pop-ups in the tray above the system clock and are meant to trick users into taking various actions, such as installing software, purchasing a subscription, or providing personal information.

example of a deceptive push notification
example of a deceptive push notification

Upon further investigation, this major drop seems to be associated with a change in the behavior of the Edge browser with two notable improvements over older versions.

First, when users visit websites known to deliver deceptive push notifications, Edge blocks authorization prompts that could trick users into opting-in to receive popups:

Second, when unwanted popups do occur, it is now easier than ever to disable them, on a per-site basis.  Users can simply click the three dots (…) on the right of the notification and choose to “Turn off all notifications for” the domain responsible for the popup.

This is a great improvement over the previous experience of having to manually navigate browser settings to achieve the desired result.

Earlier this year, 9TO5Google reported a Chrome code change may be indicative of a similar crack down by Google on nefarious popups.

One can hope Google will follow Microsoft’s example to improve browser security and usability.

The post Microsoft’s Edge over Popups (and Google Chrome) appeared first on McAfee Blog.

Chrome issues urgent zero-day fix – update now!

By Paul Ducklin
We've said it before/And we'll say it again/It's not *if* you should patch/It's a matter of *when*. (Hint: now!)

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

By Ravie Lakshmanan
Google on Thursday rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser. The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine. Security researchers Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast have been credited with reporting the flaw on October 25, 2022. "Google is aware of

Google Rolling Out Passkey Passwordless Login Support to Android and Chrome

By Ravie Lakshmanan
Google on Wednesday officially rolled out support for passkeys, the next-generation authentication standard, to both Android and Chrome. "Passkeys are a significantly safer replacement for passwords and other phishable authentication factors," the tech giant said. "They cannot be reused, don't leak in server breaches, and protect users from phishing attacks." The feature was first announced in

Hackers Can Use 'App Mode' in Chromium Browsers' for Stealth Phishing Attacks

By Ravie Lakshmanan
In what's a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create "realistic desktop phishing applications." Application Mode is designed to offer native-like experiences in a manner that causes the website to be launched in a separate browser window, while also displaying the website's favicon and hiding the

Chrome and Edge fix zero-day security hole – update now!

By Paul Ducklin
This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.

Google Releases Urgent Chrome Update to Patch New Zero-Day Vulnerability

By Ravie Lakshmanan
Google on Friday shipped emergency fixes to address a security vulnerability in the Chrome web browser that it said is being actively exploited in the wild. The issue, assigned the identifier CVE-2022-3075, concerns a case of insufficient data validation in Mojo, which refers to a collection of runtime libraries that provide a platform-agnostic mechanism for inter-process communication (IPC). An

Google Chrome Bug Lets Sites Silently Overwrite System Clipboard Content

By Ravie Lakshmanan
A "major" security issue in the Google Chrome web browser, as well as Chromium-based alternatives, could allow malicious web pages to automatically overwrite clipboard content without requiring any user consent or interaction by simply visiting them. The clipboard poisoning attack is said to have been accidentally introduced in Chrome version 104, according to developer Jeff Johnson. While the
❌