Security News

Fake browser updates spread updated WarmCookie malware

2024-10-02 18:22

A new 'FakeUpdate' campaign targeting users in France leverages compromised websites to show fake browser and application updates that spread a new version of the WarmCookie malware. [...]

#browser #malware #update

Arc browser launches bug bounty program after fixing RCE bug

2024-10-01 22:33

The Browser Company has introduced an Arc Bug Bounty Program to encourage security researchers to report vulnerabilities to the project and receive rewards. [...]

#bounty #browser #bugbounty #RCE

Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

2024-09-24 16:13

Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of...

#android #browser #malware #playstore

Malware locks browser in kiosk mode to steal Google credentials

2024-09-14 14:09

A malware campaign uses the unusual method of locking users in their browser's kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware. [...]

#browser #credential #google #malware

Qilin ransomware now steals credentials from Chrome browsers

2024-08-22 21:40

The Qilin ransomware group has been using a new tactic and deploys a custom stealer to steal account credentials stored in Google Chrome browser. [...]

#browser #chrome #credential #ransomware

Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions

2024-08-18 08:00

Unpatched MS Office flaw may leak NTLM hashes to attackersA new MS Office zero-day vulnerability can be exploited by attackers to grab users' NTLM hashes, Microsoft has shared late last week. Key metrics for monitoring and improving ZTNA implementationsIn this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access implementation, focusing on balancing security with operational efficiency.

#browser #chrome #edge #leak #ntlm #office

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems

2024-08-16 08:28

Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground...

#apple #browser #macos #systems

Browser backdoors: Securing the new frontline of shadow IT

2024-08-13 04:30

Browser extensions are a prime target for cybercriminals. This isn't just a consumer problem - it's a new frontier in enterprises' battle against shadow IT. Ultimately, more extension permissions result in potentially bigger attack surfaces.

#backdoor #browser

Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs

2024-08-09 15:19

An ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the browser's executables to hijack...

#browser #chrome #malware

It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0

2024-08-09 05:34

A years-old security oversight has been addressed in basically all web browsers - Chromium-based browsers, including Microsoft Edge and Google Chrome, WebKit browsers like Apple's Safari, and Mozilla's Firefox. According to Oligo, each of the three browsers' teams have promised to block all access to 0.0.0.0 and also enact their own mitigations to close the localhost loophole.

#browser

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News