The latest on the critical RCE Cisco WebEx extension vulnerability
Since Google bug hunter Tavis Ormandy revealed the existence of a remotely exploitable code execution flaw in the Cisco WebEx extension for Google Chrome last week, Cisco has …
Cisco WebEx extension opens Chrome users to drive-by malware attacks
Windows users who have the widely used Cisco WebEx extension installed on Chrome are in danger of getting silently hacked when visiting a malicious website. The vulnerability, …
Adobe quietly bundles data-collecting Chrome extension with latest Reader update
Chrome users who have installed the latest Adobe security updates have also been unknowingly saddled with a browser extension (“Adobe Acrobat”) that can collect some of their …
Malvertising campaign compromises routers instead of computers
The DNSChanger exploit kit is back and more effective than ever, and is being used in a widespread malvertising attack whose goal is to compromise small/home office routers. …
Final warning: Popular browsers will soon stop accepting SHA-1 certificates
Starting with Chrome 56, planned to be released to the wider public at the end of January 2017, Google will remove support for SHA-1 certificates. Other browser makers plan to …
Bug in Chrome for mobile exploited for drive-by Android malware downloads
Users of the mobile version of Google Chrome should be extra careful when faced with unsolicited offers to install a popular app, Kaspersky Lab researchers warn. Cyber crooks …
Tech support scammers use old bug to freeze browsers
Tech support scammers are exploiting a bug that maxes out users’ CPU and memory capability and effectively freezes the browser and possibly the computer, in an attempt …
Google warns of actively exploited Windows zero-day
Google has disclosed to the public the existence of a Windows zero-day vulnerability (CVE-2016-7255) that is being actively exploited in the wild. According to Neel Mehta and …
Chrome will start labeling some HTTP sites as non-secure
Slowly but relentlessly, Google is pushing website owners to deploy HTTPS – or get left behind. The latest announced push is scheduled for January 2017, when Chrome 56 …
Google Chrome impersonator Trojan doing rounds
If you’re a Google Chrome user, and suddenly your browser looks a bit off and shows you pages that you would never visit ordinarily, you’ve probably been hit with …
Google Chrome users targeted by tech support scammers
Google Chrome users, beware: tech support scammers are misusing helpful browser features to impersonate Microsoft and to bombard users users with pop-ups. In the first …
Researchers pinpoint best times for delivering security messages
When is the best time to deliver a security message? A group of researchers from Brigham Young University has been tracking users’ neural activity while they are using a …