Security News > 2020 > June > News Wrap: Malicious Chrome Extensions Removed, CIA ‘Woefully Lax’ Security Policies Bashed

News Wrap: Malicious Chrome Extensions Removed, CIA ‘Woefully Lax’ Security Policies Bashed
2020-06-19 16:50

Lindsey: Yeah, it kind of does put into question Google's kind of its policies and how it is able to use automated and manual analyses of different extensions, just because, you know, as you mentioned, we have, 106 Chrome browser extensions in question here.

As Tom pointed out, maybe some of those devices have, you know, Google Chrome extensions that are malicious.

Again, you know, maybe downloading a malicious Chrome extension without any malice or just deleting or doing something I do think it's really interesting how we redefine an insider threat when most of us are now working from home, what is an insider threat? And how do we define an insider threat? And what are those threats?

I think that's a really good point time like when the Verizon data breach investigations report came out earlier this year, one of the highlights was the fact that, you know, insider threat is not always, you know, this, this employee who's being like persuaded by someone from the outside to, you know, release data or something that sometimes a lot of the times is just, you know, defined as someone who clicks on a phishing email or something, or it's just, you know, someone who is downloading these malicious extensions or plugins or third party apps or whatever, and just unintentionally opening up the organization from within to some to kind of an external threat.

Tom: You always hear the stories about you know, somebody who's giving two weeks notice or some somebody who feels like they're gonna lose their job and they start, grabbing files and, either doing things that are malicious or doing things that are they're taking, you know, IP off of the servers or taking client names off of the databases.


News URL

https://threatpost.com/news-wrap-malicious-chrome-extensions-removed-cia-woefully-lax-security-policies-bashed/156768/