Security News

Researchers at Guardio Labs have discovered a new malvertizing campaign pushing Google Chrome extensions that hijack searches and insert affiliate links into webpages. Because all these extensions offer color customization options and arrive on the victim's machine with no malicious code to evade detection, the analysts named the campaign "Dormant Colors."

In what's a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create "Realistic desktop phishing applications." Application Mode is designed to offer native-like experiences in a manner that causes the website to be launched in a separate browser window, while also displaying the website's favicon and hiding the address bar.

Cybersecurity biz Kaspersky has spotted a modified version of the Tor Browser it says collects sensitive data on Chinese users. The data collected by the browser itself includes internet history and data entered into website forms, said the threat hunter.

A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Browser. The malicious version of the Tor Browser installer is being distributed via a link present in the description of a video that was uploaded to YouTube on January 9, 2022.

A new phishing technique using Chrome's Application Mode feature allows threat actors to display local login forms that appear as desktop applications, making it easier to steal credentials. Because desktop applications are generally harder to spoof, users are less likely to treat them with the same caution they reserve for browser windows that are more widely abused for phishing.

The Brave browser will soon allows users to block annoying and potentially privacy-harming cookie consent banners on all websites they visit. If you visited BleepingComputer from Europe, you may have noticed an annoying cookie consent prompt asking if you would like to accept data-collecting cookies from our advertisers.

Extended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information and in some cases, passwords, to Google and Microsoft respectively. In cases where Chrome Enhanced Spellcheck or Edge's Microsoft Editor were enabled, "Basically anything" entered in form fields of these browsers was transmitted to Google and Microsoft.

If you open something in the current window, then you're significantly limited as to how exciting and "System-like" you can make it look, aren't you? You can't write anything outside the browser window, so you can't sneakily put a window that looks like wallpaper on the desktop, like it's been there all along.

The idea of a BitB attack is to create what looks like a popup browser window that was generated securely by the browser itself, but that is actually nothing more than a web page that was rendered in an existing browser window. You'd have to admit that the resulting visual content looks exactly like a standalone browser window, even though it's actually a web page inside another browser window.

Hackers are launching new attacks to steal Steam credentials using a Browser-in-the-Browser phishing technique that is rising in popularity among threat actors. Today, Group-IB published a new report on the topic, illustrating how a new campaign using the 'Browser-in-the-Browser' method targets Steam users, going after accounts for professional gamers.