Archive for the ‘browser security’ Category

Firefox enables DNS-over-HTTPS by default (with Cloudflare) for all U.S. users

February 25th, 2020
If you use the Firefox web browser, here's an important update that you need to be aware of. Starting today, Mozilla is activating the DNS-over-HTTPS security feature by default for all Firefox users in the U.S. by automatically changing their DNS server configuration in the settings. That means, from now onwards, Firefox will send all your DNS queries to the Cloudflare DNS servers instead of

Posted in browser, browser security, CloudFlare, dns security, dns-over-https, DNS-over-TLS, Firefox, Mozilla, Secure dns, web browser | Comments (0)

500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users

February 14th, 2020
Google removed 500 malicious Chrome extensions from its Web Store after they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that's been operating at least since January 2019, although evidence points out the possibility that the actor behind the scheme may have been

Posted in browser, browser security, chrome browser, chrome extension, cybersecurity, Privacy | Comments (0)

Avast and AVG Browser Extensions Spying On Chrome and Firefox Users

December 3rd, 2019
If your Firefox or Chrome browser has any of the below-listed four extensions offered by Avast and its subsidiary AVG installed, you should disable or remove them as soon as possible. Avast Online Security AVG Online Security Avast SafePrice AVG SafePrice Why? Because these four widely installed browser extensions have been caught collecting a lot more data on its millions of users than

Posted in antivirus, avast, AVG antivirus, Browser extensions, browser security, chrome extension, Firefox, Firefox addons, Privacy, web browsing history | Comments (0)

Explained: How New ‘Delegated Credentials’ Boosts TLS Protocol Security

November 6th, 2019
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates without sacrificing the reliability of secure connections. In short, the new TLS protocol extension aims

Posted in browser security, cyber security, Delegated Credentials, Delegated Credentials for TLS, server security, ssl security, SSL TLS security, TLS encryption, website encryption, website security | Comments (0)

Chrome for Android Enables Site Isolation Security Feature for All Sites with Login

October 17th, 2019
After enabling 'Site Isolation' security feature in Chrome for desktops last year, Google has now finally introduced 'the extra line of defence' for Android smartphone users surfing the Internet over the Chrome web browser. In brief, Site Isolation is a security feature that adds an additional boundary between websites by ensuring that pages from different sites end up in different sandboxed

Posted in Android, browser security, Chrome Android, Chrome Web Browser, Firefox, Google Chrome, hacking back accounts, secure web browser, website security | Comments (0)

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

October 15th, 2019
In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for built-in "about: pages" that are the gateway to sensitive preferences, settings, and statics of the browser. Firefox browser has 45 such internal locally-hosted about pages, some of which are listed

Posted in arbitrary code execution, browser hacking, browser security, Firefox, hacking news, HTML, JavaScript, javascript exploit, javascript injection, Web developer | Comments (0)

Over A Billion Malicious Ad Impressions Exploit WebKit Flaw to Target Apple Users

October 1st, 2019
The infamous eGobbler hacking group that surfaced online earlier this year with massive malvertising campaigns has now been caught running a new campaign exploiting two browser vulnerabilities to show intrusive pop-up ads and forcefully redirect users to malicious websites. To be noted, hackers haven't found any way to run ads for free; instead, the modus operandi of eGobbler attackers

Posted in Apple Safari, browser security, browser vulnerability, chrome browser, eGobbler, hacking news, malicious advertisement, Malvertising, malware, safari vulnerability, WebKit | Comments (0)

1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp

September 24th, 2019
A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto's Citizen Lab, the hacking group behind this campaign sent tailored malicious web links to its targets over WhatsApp,

Posted in Android hacking, browser exploit, browser security, cyber security, hacking news, iPhone hacking, Tibetan | Comments (0)

Update Google Chrome Browser to Patch New Critical Security Flaws

September 19th, 2019
Google has released an urgent software update for its Chrome web browser and is urging Windows, Mac, and Linux users to upgrade the application to the latest available version immediately. Started rolling out to users worldwide this Wednesday, the Chrome 77.0.3865.90 version contains security patches for 1 critical and 3 high-risk security vulnerabilities, the most severe of which could allow

Posted in browser security, browser vulnerability, chrome browser, Google Chrome, hacking computers, Use-After-Free Vulnerabilities, Vulnerability | Comments (0)

Google Chrome to Introduce Improved Cookie Controls Against Online Tracking

May 8th, 2019
At the company's I/O 2019 developer conference, Google has announced its plan to introduce two new privacy and security-oriented features in the upcoming versions of its Chrome web browser. In an attempt to allow users to block online tracking, Google has announced two new features—Improved SameSite Cookies and Fingerprinting Protection—that will be previewed by Google in the Chrome web

Posted in browser cookies, browser fingerprinting, browser security, google, Google Chrome, Google Developer Conference, Google IO Conference, https cookies, SameSite Cookies, tracking cookies | Comments (0)