Security News

Google has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of user's interests from third-party cookies to the Chrome browser. While Google states that the Privacy Sandbox is designed to increase privacy by letting your web browser compute your interests locally rather than through cookies, Apple, Mozilla, and the WC3 TAG have cited numerous issues with the proposal.

Google announced today that it is deprecating the standard Google Chrome Safe Browsing feature and moving everyone to its Enhanced Safe Browsing feature in the coming weeks, bringing real-time phishing protection to all users while browsing the web. Since 2007, Google Chrome has utilized a Safe Browsing security feature that protects users from malicious websites that push malware or display phishing pages.

The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools protocol for direct access to the victim's browser functions, allowing it to steal data using WebSockets. A new feature that stands out is Chaes' use of the Chrome DevTools Protocol to steal data from the web browser, including the real-time modification of web pages, execution of JavaScript code, debugging, network request management, memory management, cookie and cache management, and more.

A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can steal plaintext passwords from a website's source code. An examination of the text input fields in web browsers revealed that the coarse-grained permission model underpinning Chrome extensions violates the principles of least privilege and complete mediation.

Google will be extending the Safety check feature within the Chrome browser to alert users when a previously installed extension is no longer available in the Chrome Web Store. Starting in Chrome 117, which is due to be released in September 2023, the browser will highlight if an extension they use has been unpublished by the developer, has been taken down for violating Chrome Web Store policy, or has been labeled as malware.

Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web Store, usually indicative of it being malware. The problem is that these extensions are churned out quickly, with the developers releasing new ones just as Google removes old ones from the Chrome Web Store.

Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release alongside Chrome 117, allows users to be notified when an add-on has been unpublished by a developer, taken down for violating Chrome Web Store policy, or marked as malware.

Security teams now have to find a way to adjust their security architecture to this new cloud workload. Some teams may rely on their existing network security solutions. Google offers a wide range of native security functionalities built-in to Chrome.

The Chocolate Factory is doing so because some day, many very bright people believe, quantum computers will be able to break at least some legacy encryption schemes. Google in 2019 said it had conducted an experiment that demonstrated quantum supremacy - the idea that a quantum computer could outperform a classical one.

"I'm fortunate to have a job that pays well enough to allow me to keep my moral compass and ignore all of these propositions. I realize that not everyone has the same financial security so hopefully this thread would shed some light on what kind of pressure is put on extension developers." Chrome extensions are 'the new rootkit' say researchers What happens when a Chrome extension with 2m+ users changes hands, raises red flags, doesn't document updates? Let's find out Chrome Web Store slammed again after 295 ad-injecting, spammy extensions downloaded 80 million times.