Security News
People can generally hear audio frequencies ranging from 20 Hz and 20,000 Hz, though individual hearing ranges vary. Samuel Weiler, a web security engineer with MIT CSAIL and a member of the W3C's Privacy Interest Group, recently pushed to re-open a discussion about limiting the Web Audio API so that it cannot be used to generate or listen for ultrasonic signals without permission.
Recorded Future this week announced the availability of Express, a free web browser extension designed to help security teams prioritize vulnerability patching and alerts from security information and event management tools. The extension is currently available for Chrome and Firefox, and once it's installed an icon with the Recorded Future logo will be added to the browser's toolbar.
If you own a Xiaomi smartphone or have installed the Mi browser app on any of your other brand Android device, you should enable a newly introduced privacy setting immediately to prevent the company from spying on your online activities. The smartphone maker has begun rolling out an update to its Mi Browser/Mi Browser Pro and Mint Browser after concerns were raised over its practice of transmitting web browsing histories and device metadata to the company servers.
If you own a Xiaomi smartphone or have installed the Mi browser app on any of your other brand Android device, you should enable a newly introduced privacy setting immediately to prevent the company from spying on your online activities. The smartphone maker has begun rolling out an update to its Mi Browser/Mi Browser Pro and Mint Browser after concerns were raised over its practice of transmitting web browsing histories and device metadata to the company servers.
A Forbes report last week outlined how some Xiaomi Android phones track their owners' web browsing and online activities. It was claimed the handsets' bundled Xiaomi browser collects things like browsing history, search queries, and news feed activity, and sends the data off to servers in China, even in private incognito mode.
Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when victim accesses their online banking account.
Security solutions provider Avast this week announced the launch of an Android version of its Avast Secure Browser. Previously available for Windows and macOS, the browser aims to provide users with increased security and privacy while navigating the Internet, shopping, or accessing their bank accounts on their Android devices.
Avast has released an Android version of Avast Secure Browser to extend its platform support beyond Windows and Mac on desktop to mobile. Avast Secure Browser for Android was developed following Avast's 2019 acquisition of Tenta, a private browser backed by Blockchain pioneers ConsenSys, and has been built from the ground up by privacy and cybersecurity engineers focused on total encryption.
Mozilla has released security updates for its Firefox browser in conjunction with a US Cybersecurity and Infrastructure Security Agency advisory warning that critical vulnerabilities in the browser are being actively exploited. To address these flaws, Firefox was updated to version 74.0.1 and Firefox Extended Support Release - a slower evolving version for enterprises - was updated to 68.6.1.
Mozilla just pushed out an update for its Firefox browser to patch a security hole that was already being exploited in the wild. Given that the bug needed patching in both the latest and the ESR versions, we can assume either that the vulnerability has been in the Firefox codebase at least since version 68 first appeared, which was back in July 2019, or that it was introduced as a side effect of a security fix that came out after version 68.0 showed up.0, so the ESR is popular with IT departments who want to avoid frequent feature updates that might require changes in company workflow, but don't want to lag behind on security patches.