Bandit Stealer malware is promoted by the hacker developers as the most advanced information stealer available to threat actors. It can exfiltrate data from most popular browsers including usernames and cookies and other system information such as IP addresses and details of a victim’s computer. The Telegram messaging app is …
Microsoft Edge edging out Internet Explorer 11
Just a reminder that Internet Explorer is no more (almost) and you need to be using a more secure browser. Take your pick, I use Edge and Chrome, many of my support team use Firefox, but whatever you choose it needs to be able to resist the latest exploits and …
Continue reading “Microsoft Edge edging out Internet Explorer 11”
Spell checkers leaking passwords to Microsoft and Google!
Here is a security concern that you may not have thought of. The enhanced (not the basic one the products ship with) spell check functionality in Microsoft Edge and Google Chrome sends information back and forth between your machine and their servers but it appears this information can include personally …
Continue reading “Spell checkers leaking passwords to Microsoft and Google!”
Web browser extensions a great idea for functionality but also a cyber security risk – what can you do?
Most browsers offer the option of adding extensions that will add functionality to the browser, however, of course, the threat actors exploit these to carry out various cyber attacks: Chrome extensions with 1.4 million installs steal browsing data (bleepingcomputer.com) Here are the extensions that the McAfee researchers discovered: Netflix Party (mmnbenehknklpbendgmgngeaignppnbe) …
Google Chrome exploited zero-day vulnerability fixed
Google fixes fifth Chrome zero-day bug exploited this year (bleepingcomputer.com)
Anonymous browsing – not anymore
Researchers from the New Jersey Institute of Technology have written a paper, which they will present at the Usenix Security Symposium in Boston, demonstrating how threat actors (or governments or law enforcement) could de-anonymise a users from their browsing habits. The attackers would analyse browsing activity and state to determine …
Vulnerabilities, come, get fixed, go and come back…
Vendors put a lot of effort into keeping their software secure from hackable vulnerabilities, with patches and updates, but the threat actors never give up looking. Here is an instance of an old vulnerability in Apple’s Safari web browser coming back: Refactoring code in WebKit resurrected ‘zombie’ security bug • …
Continue reading “Vulnerabilities, come, get fixed, go and come back…”