Web Browsers

Microsoft’s Internet Explorer zero-day workaround is breaking printers

Microsoft’s workaround for an unpatched vulnerability that is being exploited in targeted attacks by hackers appears to be breaking printers.

Whoops! LastPass accidentally deleted its browser extension from the Chrome store. But it’s back now

Someone at LastPass must be feeling 5!ck as a p4rr0t right now, after human error meant that its browser extension was accidentally deleted from the Chrome web store.

Although an embarrassing goof, it’s something of a storm in a teacup security-wise.

Microsoft issues Internet Explorer zero-day warning, but there’s no patch yet

Microsoft has warned Windows users that there is an unpatched zero-day vulnerability in Internet Explorer that is being exploited in targeted attacks.

Stop everything. Update Firefox now

A Firefox browser vulnerability that could allow attackers to take control of computers is being exploited in the wild.

Make sure you are running the very latest version of Firefox.

tripwire.com

CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

Security researchers have discovered a new Mac malware threat that appears to be a sophisticated attempt to raid cryptocurrency wallets.

Read more in my article on the Tripwire State of Security blog.

LastPass users automatically updated to fix security vulnerability in browser extension

Popular password manager LastPass says that it has fixed a vulnerability in its Chrome and Opera browser extensions that could have potentially seen an attacker steal the username and password previously filled-in by the software.

Fingerprinting iPhones with the built-in gyroscope

Some rather ingenious researchers have found a way to unique identify iPhones and iPads by examining data gathered from a device’s accelerometer, gyroscope and magnetometer sensors.

A third-party patch for Microsoft’s Internet Explorer zero-day vulnerability

Don’t want to wait for Microsoft to fix the problem in how Internet Explorer handles .MHT files? Other security researchers come to the rescue.

bitdefender.com

It doesn’t matter if you don’t use Internet Explorer, you could still be at risk from this IE zero-day vulnerability

Even if you don’t use Internet Explorer any more, it may still be posing a potential risk by being installed on your Windows PCs.

Read more in my article on the Hot for Security blog.

tripwire.com

Coinhive, the in-browser cryptomining service beloved by hackers, is dead

“To be completely honest, it isn’t economically viable anymore,” says Coinhive.

Read more in my article on the Tripwire State of Security blog.

Join me to learn more about Magecart attacks – and how to defend against them

Attacks that can silently skim payment data as it is entered on websites have become a huge problem.

Learn more about the likes of Magecart, and how to effectively combat such threats, in an upcoming free webinar.

bitdefender.com

Automatic 4K/HD for YouTube extension pulled from Chrome Store for pop-up ad abuse

A popular browser extension has been removed by Google from the Chrome Web Store after it started spamming users with irritating pop-up advertisements.

Read more in my article on the Hot for Security blog.

tripwire.com

Google Chrome extension warns if your password has been leaked

Google has released an optional extension for its Chrome browser that will trigger a visual warning if it determines you are using a username/password combination that it knows to be unsafe.

Read more in my article on the Tripwire State of Security blog.

tripwire.com

Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea

Computer users are being reminded once again to take care over the browser extensions they install after security experts discovered a hacking campaign that has been targeting academic institutions since at least May 2018.

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

Search for Chrome on Bing, and you might get a nasty surprise

It’s 2018, and you can still end up with your computer compromised by searching for Google Chrome in Microsoft Bing.

Read more in my article on the Hot for Security blog.

bitdefender.com

How to crash and restart an iPhone with a CSS-based web attack

A security researcher has revealed a method of crashing and restarting iPhones and iPads, with just a few lines of code that could be added to any webpage.

Read more in my article on the Hot for Security blog.