Security News

An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. First documented by Meta in May 2023, NodeStealer originated as a JavaScript malware capable of pilfering cookies and passwords from web browsers to compromise Facebook, Gmail, and Outlook accounts.

Zero-Day Security Vulnerability Found in Chrome, Firefox and Other Browsers Updates are now available to patch a Chrome vulnerability that would allow attackers to run malicious code. It's time to update Google Chrome, Mozilla's Firefox or Thunderbird, Microsoft Edge, the Brave browser or Tor Browser; web development news site StackDiary has reported a zero-day vulnerability in all six browsers that could allow threat actors to execute malicious code.

Microsoft will soon allow users in the European Union, as well as from Iceland, Liechtenstein, and Norway, to once again open all links in Windows using their default web browser rather than forcing the use of Microsoft Edge. As the company said when it released Windows 11 Insider Preview Build 23531 to the Dev Channel on Friday, links in Windows systems apps will no longer open using Microsoft Edge, ignoring the users' browser of choice.

Pricing Is Arc available for Windows, Mac, Linux, Android and iOS? Key features of the Arc browser Arc's pros Arc's cons Alternatives to the Arc browser Review methodology Pricing. Not only has The Browser Company invested in a modern design, but Arc has a wide range of features for advanced and nonadvanced users.

A group of experts have recognized the pressing need for comprehensive browser security solutions and collaborated to develop "The Definitive Browser Security RFP Template." This resource helps streamline the process of evaluating and procuring browser security platforms. The RFP template offers numerous advantages for organizations seeking robust browser security solutions.

Google's plans to introduce the Web Environment Integrity API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for limiting user freedom and undermining the core principles of the open web. Google says this is not a privacy risk as it does not enable cross-site user tracking and won't interfere with browser or plugins/extensions functionality.

The extension enabled threat actors to monitor browser history, take screenshots, and inject malicious scripts that targeted cryptocurrency exchanges. Multiple malicious extensions target user installations, leading to a real danger of data exfiltration and system compromise.

Browser-based emerging threats New browser-based social engineering trends. Three of the four new threats that debuted on our top ten malware list this quarter have strong ties to nation states, although this doesn't necessarily mean those malicious actors are in fact state-sponsored.

Learn how the Meduza Stealer malware works, what it targets and how to protect your company from this cybersecurity threat. New malware dubbed Meduza Stealer can steal information from a large number of browsers, password managers and cryptocurrency wallets, according to a report from cybersecurity company Uptycs.

In this Help Net Security interview, Mike Fey, CEO of Island, explains the differences between consumer browsers and the Island Enterprise Browser, how it protects organizations' data, and how it uses contextual information to provide users with a safe browsing experience. How does the Island Enterprise Browser create intelligent boundaries across users, devices, networks, and locations?