Security News

X.com Automatically Changing Link Text but Not URLs
2024-04-16 11:00

Brian Krebs reported that X started automatically changing twitter.com links to x.com links. The problem is: it changed any domain name that ended with "twitter.com," and it only changed the link's appearance, not the underlying URL. So if you were a clever phisher and registered fedetwitter.com, people would see the link as fedex.com, but it would send people to fedetwitter.com.

X fixes URL blunder that could enable convincing social media phishing campaigns
2024-04-10 10:37

Google Introduces Enhanced Real-Time URL Protection for Chrome Users
2024-03-15 07:50

Google has introduced an updated Safe Browsing feature for Chrome on desktop and iOS, offering real-time protection against malicious sites while preserving user privacy. This enhancement allows Chrome to compare site URLs against Google's server-side database of known threats in real time, potentially blocking 25% more phishing attempts. Previously, Chrome relied on a locally-stored database updated every 30 to 60 minutes. The shift to server-side checks, announced in September 2023, aims to address the rapid growth of harmful websites and the brief existence of phishing domains. The new system checks URLs against cached safe URLs and previous Safe Browsing results. For URLs not in the cache,

Criminal IP Becomes VirusTotal IP and URL Scan Contributor
2023-11-21 15:01

Notably, Criminal IP, a Cyber Threat Intelligence search engine developed by AI SPERA, has integrated its IP address and URL scans into VirusTotal. VirusTotal aggregates data from various antivirus engines, website scanners, file and URL analysis tools, and user contributions.

Massive cybercrime URL shortening service uncovered via DNS data
2023-10-31 15:23

A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to...

CIA exposed to potential intelligence interception due to X's URL bug
2023-10-18 13:00

An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence. Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile.

New Python URL Parsing Flaw Could Enable Command Execution Attacks
2023-08-12 06:03

A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol filtering methods implemented with a blocklist, ultimately resulting in arbitrary file reads and command execution. "Urlparse has a parsing problem when the entire URL starts with blank characters," the CERT Coordination Center said in a Friday advisory.

Apple's Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs
2023-06-12 04:36

Apple is introducing major updates to Safari Private Browsing, offering users better protections against third-party trackers as they browse the web. "Advanced tracking and fingerprinting protections go even further to help prevent websites from using the latest techniques to track or identify a user's device," the iPhone maker said.

Microsoft probes complaints of Edge leaking URLs to Bing
2023-04-26 21:08

You might want to think twice before typing anything into Microsoft's Edge browser, as an apparent bug in a recent release of Redmond's Chromium clone appears to be funneling URLs you visit back to the Bing API. The issue, identified by Redditor HackerMcHackface in the r/browsers subreddit last week, appears to be related to an opt-out content aggregation feature in Edge, called Collections, which offers suggestions for online creators that users may want to follow. Beginning with Microsoft Edge build 112.0.1722.34, the Redditor notes that the default behavior had changed.

Microsoft opens up Defender threat intel library with file hash, URL search
2023-04-18 19:30

Security researchers and analysts can now search Microsoft's Threat Intelligence Defender database using file hashes and URLs when pulling together information for network intrusion investigations and whatnot. "Often, analysts must go to multiple repositories to obtain the critical data sets they need to assess a suspicious domain, host, or IP address," Redmond wrote earlier about Defender Threat Intelligence, aka Defender TI. "DNS data, WHOIS information, malware, and SSL certificates provide important context to indicators of compromise, but these repositories are widely distributed and don't always share a common data structure, making it difficult to ensure analysts have all relevant data needed to make a proper and timely assessment of suspicious infrastructure."