Security News

On Thursday, Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud. Since at least May 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said.

Google, which makes most of its money from online ads, insists it wants ad blockers to continue working under the latest, more locked-down iteration of its Chrome browser extension platform, known as Manifest v3. As a way to measure the problem, Alexandre Blondin, Chrome product manager, pointed out in a blog post on Wednesday that when Google integrated the Chrome Web Store with its Google Safe Browsing infrastructure, "The number of malicious extensions that Chrome disabled to protect people grew by 81 percent."

Google has updated its Chrome web browser, fixing four bugs with a severity rating of "High" and eight overall. An updated 87.0.4280.88 version of Chrome addresses the bugs and will "roll out over the coming days/weeks," Google wrote.

While Jupyter's purpose is to collect data from various software, the malicious code supporting its delivery can also be used to create a backdoor on an infected system. A variant of the malware emerged during an incident response engagement in October at a university in the U.S., but forensic data indicates that earlier versions have been developed since May. Researchers at cybersecurity company Morphisec discovered that the developers of the attack kit were highly active, with some components receiving more than nine updates in a single month.

Google has patched two more zero-day flaws in the Chrome web browser for desktop, making them the fourth and fifth actively exploited vulnerabilities addressed by the search giant in recent weeks. Tracked as CVE-2020-16013 and CVE-2020-16017, the flaws were discovered and reported to Google by "Anonymous" sources, unlike previous cases, which were uncovered by the company's Project Zero elite security team.

A heavily obfuscated and malicious NPM project is used to steal Discord user tokens and browser information from unsuspecting users. Due to this open system, it is becoming common for malicious actors to upload malicious modules that steal data, download and execute programs, or perform malicious behavior when used in other projects.

Web browser vendors are planning to block a new attack technique that would allow attackers to bypass a victim's NAT, firewall, or router to gain access to any TCP/UDP service hosted on their devices. To expose hosted services, the attack abuses certain NAT devices scanning port 5060 to create port forwarding rules when detecting maliciously crafted HTTP requests camouflaged as valid SIP requests.

The vulnerability is tied to Google's open source JavaScript and WebAssembly engine called V8. In its disclosure, the flaw is described as an "Inappropriate implementation in V8". Clement Lecigne of Google's Threat Analysis Group and Samuel Gross of Google Project Zero discovered the Chrome desktop bug on Oct. 29, according to a blog post announcing the fixes by Prudhvikumar Bommana of the Google Chrome team. "Today Chrome fixed two more vulnerabilities that were being actively exploited in the wild. CVE-2020-16009 is a v8 bug used for remote code execution, CVE-2020-16010 is a Chrome sandbox escape for Android," he wrote.

Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The zero-day flaw, tracked as CVE-2020-16009, was reported by Clement Lecigne of Google's Threat Analysis Group and Samuel Groß of Google Project Zero on October 29.

Brave Browser, the privacy-focused web browser, announced today that it grew in usage by over 130% in the first year after the release of its 'Stable' version. On November 13th, 2019, Brave Browser released its first Stable version after it had already accumulated 8.7 million monthly active users and 3 million daily active users during its Beta period.