Stealing Windows credentials using Google Chrome
Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways but usually limited to …
Google to sanction Symantec for misissuing security certificates
In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing …
LastPass extensions can be made to cough up passwords, deliver malware
LastPass Chrome and Firefox extensions contain flaws that could allow malicious websites to steal victims’ passwords or execute commands on their computer. The flaws …
Chrome users on macOS to see more dangerous site warnings
MacOS users who use Chrome to surf the web are likely to see more security warnings in the coming days, as Google’s Safe Browsing service will start flagging sites …
Cyber crooks’ latest tricks for targeting Chrome users
Chrome users have lately been targeted with a few unusual malware delivery and scam attempts. The “font wasn’t found” trick The first one comes from compromised WordPress …
Google is winding up Gmail support for older Chrome versions
Chrome users that, for whatever reason, can’t or don’t want to update to the latest version of the browser will soon start seeing warnings when they access Gmail. …
The latest on the critical RCE Cisco WebEx extension vulnerability
Since Google bug hunter Tavis Ormandy revealed the existence of a remotely exploitable code execution flaw in the Cisco WebEx extension for Google Chrome last week, Cisco has …
Cisco WebEx extension opens Chrome users to drive-by malware attacks
Windows users who have the widely used Cisco WebEx extension installed on Chrome are in danger of getting silently hacked when visiting a malicious website. The vulnerability, …
Adobe quietly bundles data-collecting Chrome extension with latest Reader update
Chrome users who have installed the latest Adobe security updates have also been unknowingly saddled with a browser extension (“Adobe Acrobat”) that can collect some of their …
Malvertising campaign compromises routers instead of computers
The DNSChanger exploit kit is back and more effective than ever, and is being used in a widespread malvertising attack whose goal is to compromise small/home office routers. …
Final warning: Popular browsers will soon stop accepting SHA-1 certificates
Starting with Chrome 56, planned to be released to the wider public at the end of January 2017, Google will remove support for SHA-1 certificates. Other browser makers plan to …
Bug in Chrome for mobile exploited for drive-by Android malware downloads
Users of the mobile version of Google Chrome should be extra careful when faced with unsolicited offers to install a popular app, Kaspersky Lab researchers warn. Cyber crooks …
Featured news
Sponsored
Don't miss
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)