Tag: browser

Critical Chrome Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely

Dec 19, 2024 9:42 AM

Tags: browser, chrome, cyber, google, update, vulnerability, windows

Google has released a new security update on the Stable channel, bringing Chrome to version 131.0.6778.204/.205 for Windows and Mac and 131.0.6778.204 for Linux. This update addresses multiple high-severity vulnerabilities, ensuring enhanced safety for users. The rollout will occur gradually over the coming days and weeks. Highlighted Security Fixes The latest Chrome release includes fixes for five vulnerabilities, of…
Chrome Security Update, Patch for Multiple Security Flaws

Dec 19, 2024 8:42 AM

Tags: browser, chrome, cyber, flaw, google, update, vulnerability, windows

Google has released a new security update on the Stable channel, bringing Chrome to version 131.0.6778.204/.205 for Windows and Mac and 131.0.6778.204 for Linux. This update addresses multiple high-severity vulnerabilities, ensuring enhanced safety for users. The rollout will occur gradually over the coming days and weeks. Highlighted Security Fixes The latest Chrome release includes fixes for five vulnerabilities, of…
Drei kritische Schwachstellen – Google veröffentlicht kritisches Update für Chrome

Dec 16, 2024 7:42 AM

Tags: browser, chrome, google, update, vulnerability

First seen on security-insider.de Jump to article: www.security-insider.de/-google-chrome-sicherheitsupdate-kritische-schwachstellen-a-a96dd2e24efba2cd39241e97c6b69ed8/
Mozilla retires ‘Do Not Track’ option from Firefox browser

Dec 12, 2024 10:05 PM

Tags: browser

First seen on scworld.com Jump to article: www.scworld.com/news/mozilla-retires-do-not-track-option-from-firefox-browser
2024 Recap: 8 Notable and Dangerous Chrome Vulnerabilities

Dec 12, 2024 9:05 PM

Tags: browser, chrome, exploit, flaw, google, malicious, risk, vulnerability

With a market share of 66.68%, Google Chrome remains a prime target for cyberattacks. In 2024, this widely used browser faced numerous critical Chrome vulnerabilities that put businesses and individuals at risk and led to significant damage. Attackers exploited these flaws to bypass security measures, steal sensitive information, and deploy malicious payloads. Security managers are……
Firefox ditches Do Not Track because nobody was listening anyway

Dec 12, 2024 10:05 AM

Tags: browser

Few websites actually respect the option, says Mozilla First seen on theregister.com Jump to article: www.theregister.com/2024/12/12/firefox_do_not_track/
SPA is for Single-Page Abuse! Using Single-Page Application Tokens to Enumerate Azure

Dec 10, 2024 6:07 PM

Tags: access, api, attack, authentication, browser, chrome, cloud, control, data, detection, google, government, guide, identity, macOS, mfa, microsoft, network, office, powershell, RedTeam, technology, tool, update, windows

Author: Lance B. Cain Overview Microsoft Azure is a leading cloud provider offering technology solutions to companies, governments, and other organizations around the globe. As such, many entitles have begun adopting Azure for their technology needs to include identity, authentication, storage, application management, and web services. One of the most common methods for organizations to begin…
EDR-Software ein Kaufratgeber

Dec 10, 2024 6:07 AM

Tags: ai, android, api, backup, browser, chrome, cloud, computing, crowdstrike, cyberattack, detection, edr, endpoint, firewall, identity, incident response, intelligence, iot, kubernetes, linux, macOS, mail, malware, microsoft, network, ransomware, risk, siem, soar, software, sophos, threat, tool, windows, zero-day
Apple-Passwörter in Chrome, Edge und Firefox nutzen: So geht es unter Windows und macOS

Dec 5, 2024 7:48 PM

Tags: apple, browser, chrome, macOS, password, windows

First seen on t3n.de Jump to article: t3n.de/news/apple-passwoerter-chrome-edge-firefox-windows-macos-1661732/
Google Chrome Security Update, Patch for High-severity Vulnerability

Dec 4, 2024 10:48 AM

Tags: browser, chrome, cyber, google, update, vulnerability, windows

Google has released a significant security update for its Chrome browser, aiming to address several vulnerabilities and enhance user safety. The Stable channel has been updated to version 131.0.6778.108/.109 for Windows, and Mac, and version 131.0.6778.108 for Linux. These updates will be gradually rolled out to users over the coming days and weeks. According to…
SmokeLoader picks up ancient MS Office bugs to pack fresh credential stealer

Dec 3, 2024 2:48 PM

Tags: access, antivirus, attack, browser, credentials, cve, cvss, data, email, exploit, flaw, fortinet, framework, healthcare, login, malicious, malware, microsoft, office, phishing, remote-code-execution, risk, software, threat, vulnerability, windows

Threat actors are using a well-known modular malware loader, SmokeLoader, to exploit known Microsoft Office vulnerabilities and steal sensitive browser credentials.The loader which runs a framework to deploy multiple malware modules, was observed by Fortinet’s FortiGuard Labs in attacks targeting manufacturing, healthcare, and IT companies in Taiwan.”SmokeLoader, known for its ability to deliver other malicious…
Intelligent Privilege Controls: A quick guide to secure every identity

Dec 3, 2024 5:48 AM

Tags: access, ai, attack, authentication, browser, business, chrome, cloud, control, credentials, cybercrime, cybersecurity, data, defense, detection, endpoint, exploit, finance, guide, identity, infrastructure, jobs, malicious, mfa, password, phishing, risk, saas, service, social-engineering, threat, unauthorized, update, zero-trust

Security used to be simpler. Employees, servers, and applications were on site. IT admins were the only privileged identities you had to secure, and a strong security perimeter helped to keep all the bad guys out.Times have changed. Attackers targeting identities is not new. What’s different is the dramatic increase in the quantities and types…
Mozilla really wants you to set Firefox as default Windows browser

Dec 2, 2024 9:48 PM

Tags: browser, switch, windows

In an effort to turn the tide, Mozilla is testing a fresh approach that could persuade more people to switch their default browser on Windows during the installation of the browser. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/mozilla-really-wants-you-to-set-firefox-as-default-windows-browser/
Mozilla really wants you to easily set Firefox as default Windows browser

Dec 2, 2024 3:28 PM

Tags: browser, switch, windows

Mozilla is testing a fresh approach that could persuade more people to switch their default browser on Windows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/mozilla-really-wants-you-to-easily-set-firefox-as-default-windows-browser/
Google Chrome’s AI feature lets you quickly check website trustworthiness

Dec 2, 2024 12:28 PM

Tags: ai, browser, chrome, google

Google Chrome’s upcoming feature uses AI to provide a summary of reviews from independent websites about the store or website you’re visiting. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-chromes-ai-feature-lets-you-quickly-check-website-trustworthiness/
Zscaler und Google bieten gemeinsam umfangreichen Zero Trust-Schutz an

Dec 1, 2024 7:27 PM

Tags: access, browser, chrome, google, zero-trust

Diese Zusammenarbeit bringt die sicherste Private App Access-Lösung von Zscaler mit den fortschrittlichen Sicherheitsfunktionen von Chrome Enterprise … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zscaler-und-google-bieten-gemeinsam-umfangreichen-zero-trust-schutz-an/a37310/
Cloudflare revolutioniert Web-Performance mit Speed Brain

Dec 1, 2024 4:26 PM

Tags: api, browser, chrome

Speed Brain basiert auf der Chrome Speculation-Rules-API, die es ermöglicht, das Laden von Seiten vorzeitig zu starten, indem sie mögliche Interaktion… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cloudflare-revolutioniert-web-performance-mit-speed-brain/a38423/
Ransomware-Gruppe hat Nutzer von Google Chrome im Visier

Dec 1, 2024 12:23 PM

Tags: browser, chrome, google, malware, ransomware

Die Ransomware-Gruppe Qilin greift derzeit offenbar nicht nur mit Malware an, sondern stiehlt zusätzlich gespeicherte Anmeldeinformationen aus Chrome-… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/ransomware-gruppe-hat-nutzer-von-google-chrome-im-visier
RomCom nutzt Firefox und WindowsDay-Schwachstellen aus

Dec 1, 2024 12:28 AM

Tags: browser, bug, exploit, microsoft, vulnerability, windows, zero-day

ESET Forscher finden bisher unbekannte Sicherheitslücke in Mozilla-Produkten und eine weitere Schwachstelle in Microsoft Windows, die in einem Zero-Click-Exploit kombiniert wurde First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/romcom-nutzt-firefox-und-windows-zero-day-schwachstellen-aus/
Google Introduces V8 Sandbox in Chrome to Enhance Security

Dec 1, 2024 12:18 AM

Tags: browser, chrome, google

Google has unveiled a new feature called the V8 Sandbox in its Chrome web browser to address memory corruption issues, aiming to protect against vulne… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/google-chrome-v8-sandbox/
Google Patches Chrome’s Fifth Zero-Day of the Year

Dec 1, 2024 12:18 AM

Tags: browser, chrome, google, zero-day

First seen on threatpost.com Jump to article: threatpost.com/google-patches-chromes-fifth-zero-day-of-the-year/180432/
Deutsche im Visier: Wie Hacker Nutzer per Firefox angreifen ohne dass sie klicken müssen

Nov 29, 2024 7:30 PM

Tags: browser, hacker

First seen on t3n.de Jump to article: t3n.de/news/deutsche-im-visier-hacker-nutzer-per-firefox-angreifen-1660477/
New RomCom attacks involve Windows, Firefox zero-day exploits

Nov 27, 2024 10:01 PM

Tags: attack, browser, exploit, windows, zero-day

First seen on scworld.com Jump to article: www.scworld.com/brief/new-romcom-attacks-involve-windows-firefox-zero-day-exploits
Russian APT RomCom combines Firefox and Windows zero-day flaws in drive-by exploit

Nov 27, 2024 8:11 PM

Tags: access, antivirus, apt, attack, backdoor, browser, business, computer, cve, cybercrime, cyberespionage, defense, endpoint, exploit, flaw, germany, government, group, insurance, intelligence, malicious, microsoft, msp, password, powershell, russia, software, threat, ukraine, vulnerability, windows, zero-day

A Russia-aligned group that engages in both cybercrime and cyberespionage operations used a zero-click exploit chain last month that combined previously unknown and unpatched vulnerabilities in Firefox and Windows.The campaign, whose goal was to deploy the group’s RomCom backdoor on computers, targeted users from Europe and North America. The APT group, also known as Storm-0978,…
Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor

Nov 27, 2024 6:11 PM

Tags: backdoor, browser, exploit, group, hacker, russia, windows, zero-day

Watch out for the Russian hackers from the infamous RomRom group, also known as Storm-0978, Tropical Scorpius, or UNC2596, and their use of a custom backdoor. First seen on hackread.com Jump to article: hackread.com/russian-hackers-firefox-windows-0-days-backdoor/
Kein Klick nötig: Russische Hacker attackieren Windows-Nutzer via Firefox

Nov 27, 2024 2:12 PM

Tags: browser, cyberattack, germany, hacker, windows

Für einen erfolgreichen Angriff reicht der bloße Besuch einer speziell präparierten Webseite. Deutschland ist bei den Zielregionen ganz vorne mit dabei. First seen on golem.de Jump to article: www.golem.de/news/kein-klick-noetig-russische-hacker-attackieren-windows-nutzer-via-firefox-2411-191188.html
Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled

Nov 27, 2024 12:10 PM

Tags: attack, backdoor, browser, cve, exploit, flaw, group, hacker, hacking, malicious, microsoft, russia, vulnerability, windows, zero-day

A Russia-aligned hacking group, known as RomCom (also identified as Storm-0978, Tropical Scorpius, or UNC2596), has successfully exploited two zero-day vulnerabilities”, one in Mozilla Firefox and another in Microsoft Windows Task Scheduler. These vulnerabilities, identified as CVE-2024-9680 and CVE-2024-49039, were chained together to allow the group to execute arbitrary code and install malicious backdoors on…
Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows

Nov 27, 2024 12:10 PM

Tags: apt, attack, browser, exploit, flaw, group, hacker, russia, vulnerability, windows, zero-day

Russia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/romcom-apt-zeroday-flaws-firefox/
Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets

Nov 27, 2024 11:10 AM

Tags: apt, backdoor, browser, russia, windows, zero-day

The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery. The post Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/russian-apt-chained-firefox-and-windows-zero-days-against-us-and-european-targets/
Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America

Nov 27, 2024 10:11 AM

Tags: attack, browser, cybercrime, exploit, group, russia, usa, vulnerability, zero-day

The Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. The first zero-day exploited by the Russian group, is a use-after-free…