Security News

Google this week released Chrome 83 to the stable channel with patches for a total of 38 vulnerabilities, with improved Safe Browsing protection, and updated privacy and security controls. The newly introduced Enhanced Safe Browsing protection in Chrome is meant to provide users with a more advanced level of security while browsing the web, by increasing protection from dangerous websites and downloads.

Google has released version 83 of it's popular Chrome web browser, which includes new security and privacy features and fixes for security issues. The enhanced Safe Browsing mode will allow users to get a more personalized protection against malicious sites.

Google deleted 49 malicious Chrome extensions from the Chrome Web Store in mid-April after Harry Denley, director of security at MyCrypto, found them phishing cryptocurrency users. The extensions impersonate Chrome extensions for legitimate cryptocurrency wallets, but when installed they pilfer the users' private keys and other secrets used to access digital wallets so that their authors can steal victims' funds.

Three weeks after Google removed 49 Chrome extensions from its browser's software store for stealing crypto-wallet credentials, 11 more password-swiping add-ons have been spotted - and some are still available to download. The dodgy add-ons masquerade as legit crypto-wallet extensions, and invite people to type in their credentials to access their digital money, but are totally unofficial, and designed to siphon off those login details to crooks. Denley provided The Register with a list of extension identifiers, previously reported to Google, and we were able to find some still available in the Chrome Web Store at time of writing.

Developers use a number of ways to breed extensions like a bunch of spam bunnies in Google's Chrome Web Store, which is the biggest extension catalog online. User Ratings, Reviews, and Installs: Developers are forbidden from manipulating their extensions' placement in the Chrome Web Store by doing things like cooking up bogus downloads, reviews or ratings.

With Google Chrome being by far the most widely used web browser, Google must constantly tweak protections, rules and policies to keep malicious, unhelpful and otherwise potentially unwanted extensions out of the Chrome Web Store. The latest change of that kind has been announced for August 27th 2020, when Google plans to boot from the CWS "Low-quality and misleading" Chrome extensions.

Google this week announced a new set of rules for its Chrome Web Store, meant to ensure that developers don't spam users with extensions that have similar functionality. The Chrome Web Store has been available since 2011, offering a total of more than 200.000 browser extensions that allow users to easily customize their browsing experience in Chrome.

We discuss the biggest cybersecurity news stories of the week. New podcast episode out now!

Google just issued a Chrome update with a note that says, "This update includes 1 [critical] security fix." The bug itself is still a secret, even though the Chromium core of the Chrome browser is an open source project.

GitHub has released technical information on six vulnerabilities identified by one of its security researchers in the WebAudio component of Chrome. The researcher started looking for Chrome vulnerabilities while he was working for Semmle, which GitHub acquired last year for its code analysis platform.