HackDig : Dig high-quality web security articles for hackers

A week in security (January 18 – January 24)

Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted by the same threat actor that was implicated in the SolarWinds breach, we told the story of ZeroLogon, looked at the pros and cons of Zoom watermarking, studied the vulnerabilities in dnsmasq called DNSpooq, asked if Ti
Publish At:2021-01-25 12:06 | Read:124 | Comments:0 | Tags:A week in security Malwarebytes news bec Brave chrome Cisco

Chrome wants to make your passwords stronger

A common sentiment, shared by many people down the years, is that storing passwords in browsers is a bad idea. Malware, for example, would specifically target password storage in browsers and plunder everything in sight. Password managers weren’t exactly flying off the shelves back in 2007, your only real options were home grown. People ended up saving l
Publish At:2021-01-22 17:48 | Read:146 | Comments:0 | Tags:Privacy browser chrome encrypted malware password manager pa

Sophisticated hacking campaign uses Windows and Android zero-days

Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. While partnering with the Google Threat Analysis Group (TAG), the experts discovered
Publish At:2021-01-12 21:24 | Read:127 | Comments:0 | Tags:APT Breaking News Hacking Android Chrome hacking news inform

Experts spotted browser malicious extensions for Instagram, Facebook and others

Avast researchers reported that three million users installed 28 malicious Chrome or Edge extensions that could perform several malicious operations. Avast Threat Intelligence researchers spotted malicious Chrome and Edge browser extensions that were installed by over 3 million users. The extensions were designed to steal user’s data (i.e. birth
Publish At:2020-12-17 09:42 | Read:186 | Comments:0 | Tags:Breaking News Malware Chrome Chrome extensions Edge Hacking

Hat trick for Google as it patches two more zero-days in Chrome

Slightly over a week ago we advised you to update your Chrome browser. That warning came only a week or so after we advised you to update your Chrome browser. Things are getting a bit repetitive round here. Today, we are compelled to repeat that statement as Google has issued patches for two new zero-day vulnerabilities. Someone tipped Google off about
Publish At:2020-11-12 21:23 | Read:544 | Comments:0 | Tags:Exploits and vulnerabilities chrome cve-2020-16013 cve-2020-

Google addresses two new Chrome zero-day flaws

Google has released Chrome version 86.0.4240.198 that addresses two additional zero-day vulnerabilities that were exploited in the wild. Google has addressed two zero-day vulnerabilities, actively exploited in the wild, with the release of Chrome version 86.0.4240.198. The IT giant has fixed a total of five Chrome zero-day vulnerabilities in only three
Publish At:2020-11-12 07:17 | Read:292 | Comments:0 | Tags:Breaking News Hacking Chrome hacking news information securi

Google and Mozilla fixed issues exploited at 2020 Tianfu Cup hacking contest

Mozilla and Google have already fixed the critical flaws in Firefox and Chrome exploited by bug bounty hunters at 2020 Tianfu Cup hacking contest. Mozilla and Google have already addressed the critical Firefox and Chrome vulnerabilities that were recently exploited by white hat hackers at the 2020 Tianfu Cup hacking contest. The vulnerability in Chrome
Publish At:2020-11-11 15:41 | Read:432 | Comments:0 | Tags:Breaking News Hacking Security 2020 Tianfu Cup Chrome Firefo

Microsoft Patch Tuesday fixes CVE-2020-17087 currently under active exploitation

Microsoft Patch Tuesday updates for November 2020 address 112 flaws, including a Windows bug that was chained with Chrome issues in attacks. Microsoft Patch Tuesday updates for November 2020 address 112 vulnerabilities in multiple products, including Microsoft Windows, Office and Office Services and Web Apps, Internet Explorer (IE), Edge (EdgeHTML-based a
Publish At:2020-11-11 04:30 | Read:592 | Comments:0 | Tags:Breaking News Security Chrome CVE-2020-17087 Hacking hacking

S3 Ep5: Chrome, Flash and malware for sale [Podcast]

byPaul DucklinIn this episode: a zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of “malware-as-a-service“, and the malware risks from image search. Also (oh! no!), why you should take care before you pair.Presenters: Kimberly Truong, Doug Aamoth and Paul Ducklin.Intro and outro music: Edith Mudge.LISTEN NOWCl
Publish At:2020-11-05 12:12 | Read:343 | Comments:0 | Tags:Uncategorized Buer chrome Cybercrime Exploit Google malware

Update your Chrome again as Google patches second zero-day in two weeks

Before you start to Google for election news, we’d like you to check whether your browser is at the latest and safest version. “Again?”, Chrome users may say. Yes, because Google has found another zero-day vulnerability – that means it’s a hole that is actively being exploited right now. It’s the second zero-day in Google found in
Publish At:2020-11-03 15:05 | Read:491 | Comments:0 | Tags:Exploits and vulnerabilities 0day chrome cve-2020-16009 Java

Google discloses unpatched Windows zero-day exploited in the wild

Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. Security researchers from Google have disclosed a zero-day vulnerability in the Windows operating system, tracked as CVE-2020-17087, that is currently under active exploitation. Ben Hawkes, team lead for Google Projec
Publish At:2020-10-30 18:59 | Read:449 | Comments:0 | Tags:Breaking News Hacking Chrome Google information security new

Chrome 86.0.4240.111 fixes actively exploited CVE-2020-15999 zero-day

Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a
Publish At:2020-10-21 09:18 | Read:467 | Comments:0 | Tags:Breaking News Hacking Chrome CVE-2020-15999 Google hacking n

Meeting the Challenges of Remote Work with Chrome OS Policy Settings – Part I

Many organizations, from enterprises to small businesses and schools, are focusing efforts on distance working and learning. One significant hurdle for those who are suddenly tasked with supporting remote users is the question of how to manage a fleet of new endpoints. One appealing solution for managing all these new remote users is to use Google Chromebook
Publish At:2020-09-02 01:45 | Read:611 | Comments:0 | Tags:Security Controls Chrome configuration policy operating syst

“Chrome considered harmful” – the Law of Unintended Consequences

byPaul DucklinA recent article on the APNIC blog, entitled Chromium’s impact on root DNS traffic, has set the Chromium browser project thinking about a feature in the browser code that’s known as the Intranet Redirect Detector.To explain.APNIC is the Asia Pacific Network Information Centre, headquartered in Brisbane, Australia, one of five internet num
Publish At:2020-08-26 14:12 | Read:591 | Comments:0 | Tags:Google Google Chrome chrome Chromium

Google Chrome Aims to Keep its Edge Over Other Browsers with its Latest Privacy and Security Features

Google Chrome may currently enjoy the numero uno position in the world of browsers, but it is starting to feel the pressure. The competition is heating up with its rivals like Microsoft Edge offering upgraded security features to lock in more users.The coronavirus pandemic has brought extensive changes to the way people operate, which in turn, has created a
Publish At:2020-07-27 14:30 | Read:969 | Comments:0 | Tags:IT Security and Data Protection browser Chrome Google

Tools

Tag Cloud