HackDig : Dig high-quality web security articles

Google: Manifest V2 Chrome extensions to stop working in 2023

Google has shared the phase-out timeline for Manifest V2 Chrome extensions and its plans to bring Manifest V3 to full feature parity.Extension capabilities are restricted using a mechanism called extension manifest. Google made available the new version, Manifest V3, when Chrome 88 was announced earlier this year.Google first reveale
Publish At:2021-09-23 21:28 | Read:114 | Comments:0 | Tags:Google

Google tests if 'Chrome/100.0' user agent breaks websites

Google is testing whether changing the Chrome user agent to three-digit 'Chrome/100' will cause loss of functionality on websites that are expecting a two digit version number.A user agent is a string sent by a web browser to a website to let the site know what browser the visitor is using, its version, and integrated technology.When a new version of a brows
Publish At:2021-09-23 13:12 | Read:159 | Comments:0 | Tags:Google

Malware devs trick Windows validation with malformed certs

Google researchers spotted malware developers creating malformed code signatures seen as valid in Windows to bypass security software.This tactic is actively used to push OpenSUpdater, a family of unwanted software also known as riskware, which injects ads into victims' browsers and installs other unwanted programs onto their devices.Campaigns
Publish At:2021-09-23 13:12 | Read:129 | Comments:0 | Tags:Security Google Microsoft

Google, geofence warrants, and you

Another day, another example of how the data sharing choices we make can come back to haunt us. The Guardian reports a Florida resident finding his bike ride data requested by law enforcement. This is due to his route taking him close to the scene of a burglary a year earlier. According to the report, he had just seven days to put something in front of a
Publish At:2021-09-22 07:24 | Read:77 | Comments:0 | Tags:Privacy beacons geofence Google law enforcement privacy sear

Billions more Android devices will reset risky app permissions

Google announced today that support for a recently released Android privacy protection feature would be backported to billions of devices running older Android versions later this year.The permission auto-reset feature, first introduced with Android 11, is designed to protect users' privacy by automatically removing runtime permissions for apps that haven't
Publish At:2021-09-17 17:08 | Read:162 | Comments:0 | Tags:Security Google android

Microsoft Patch Tuesday, September 2021 Edition

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google‘s got a new version of Chrome t
Publish At:2021-09-14 19:05 | Read:220 | Comments:0 | Tags:Time to Patch adobe Allan Liska apple chrome CVE-2021-28316

Google Chromebook bug causes black screens after login

Image:Anete LūsiņaGoogle is investigating reports of black screens showing up on users' Chromebooks when trying to log into their Chrome OS accounts.The company has acknowledged this issue on the Google Customer Care Portal almost one hour ago and is yet to provide updates or a workaround for customers impacted by this bug.Google is also yet to sha
Publish At:2021-09-14 17:07 | Read:253 | Comments:0 | Tags:Google

Update now! Google Chrome fixes two in-the-wild zero-days

Google announced on Monday that it will be issuing patches for 11 high severity vulnerabilities found in Chrome, including two that are currently being exploited in the wild. The patch, which is part of the Stable Channel Update for Chrome 93 (93.0.4577.82), will be released for Windows, Mac, and Linux (if it hasn’t already). Chrome users are expected t
Publish At:2021-09-14 15:15 | Read:136 | Comments:0 | Tags:Exploits and vulnerabilities 93.0.4577.82 Chrome vulnerabili

Google patches 10th Chrome zero-day exploited in the wild this year

Google has released Chrome 93.0.4577.82 for Windows, Mac, and Linux to fix eleven security vulnerabilities, two of them being zero-days exploited in the wild."Google is aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild," the company revealed in the release notes for the new Chrome version.The update is currently rolling out worldwid
Publish At:2021-09-13 21:27 | Read:16 | Comments:0 | Tags:Google Security exploit

New Spook.Js attack allows to bypass Google Chrome Site Isolation protections

Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protections implemented in Google Chrome. Boffins devised a transient side-channel attack on modern processors, “Spook.js,” that can be abused by threat actors to bypass Site Isolation protections implemented in Google Chrome and Chromium brows
Publish At:2021-09-13 11:35 | Read:250 | Comments:0 | Tags:Breaking News Hacking Chrome Google hacking news information

Google implements new Private Compute Services for Android

Google introduces Private Compute Services, a collection of services aimed at designing to improve privacy in the Android operating system. Good news for Android users, Google has implemented the Private Compute Services, a set of features aimed at improving their privacy. “We introduced Android’s Private Compute Core in Android 12 Beta. Today,
Publish At:2021-09-12 16:45 | Read:155 | Comments:0 | Tags:Breaking News Digital ID Mobile Android Google hacking news

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from “Meris,” the same new botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Cloudflare
Publish At:2021-09-10 19:05 | Read:260 | Comments:0 | Tags:A Little Sunshine The Coming Storm Akamai Cambridge Universi

Google App bug blocks Android users from receiving, making calls

Google says that users of some Android phone models are affected by a Google App bug preventing them from making and receiving calls."After the latest update to the Google Search App on Android, the users of certain mobile phones are experiencing difficulty in receiving and making calls," a Google community manager said earlier today.The company has released
Publish At:2021-08-30 17:07 | Read:292 | Comments:0 | Tags:Google android

US government and private sector agree to invest time, money in cybersecurity

In the wake of several high-profile ransomware attacks against critical infrastructure and major organizations in the last few months, President Biden met with private sector and education leaders to discuss a whole-of-nation effort needed to address cybersecurity threats and bolster the nation’s cybersecurity. Several participants in President Biden̵
Publish At:2021-08-26 14:21 | Read:440 | Comments:0 | Tags:Awareness amazon Apple Biden Administration colonial pipelin

Google drops Bluetooth Titan Security Keys in favor of NFC versions

Google is discontinuing the Bluetooth Titan Security Key to focus on security keys with Near Field Communication (NFC) functionality.As part of this move, Google has also announced a new Titan Security Key with USB-C and NFC to go along with the previously available USB-A + NFC security key.Google's Titan Security Keys were introduced in 2018 and are de
Publish At:2021-08-09 14:37 | Read:605 | Comments:0 | Tags:Google Security security

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud