Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Avast_Security_News: Google pulls 106 malicious Chrome extensions
#1
Information 
Quote:
[Image: TVDumYE.png]

Plus, more newsbytes of the week including an iOS flaw and Twitter billing leak

Security researchers have discovered what they believe to be a global surveillance campaign whereby attackers were using malicious Google Chrome browser extensions to steal data and spy on over 100 networks. Threatpost reported that the researchers suspect millions of Chrome users were targeted across the industries of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals, and government organizations. The malicious extensions could surreptitiously take screenshots, log keystrokes, read the clipboard, and more. They were free and marketed as browser helpers that convert files or alert users when they land on a suspicious website. After reading the report, Google removed 106 browser extensions from the Chrome Web Store. 

The researchers also maintain that Israel-based domain registrar CommuniGal Communication Ltd. (GalComm) assisted in the covert operations, as they found over a hundred malicious extensions using GalComm domains as loader pages or command and control bases. GalComm owner Moshe Fogel told Reuters that the company has not engaged in any wrongdoing or malicious activity whatsoever. 

“It’s only normal for cybercriminals to target Chrome, as it’s the leader in browsers with 68% market share,” commented Avast Security Evangelist Luis Corrons.

“Regarding extensions, it’s best if we limit ourselves to those developed by known companies. There are other solutions out there as well, such as
Avast Secure Browser.”

iOS clipboard flaw puts users at risk

A vulnerability in the iOS clipboard function allows any active app to access its contents without notifying the user. According to Forbes, the flaw – which also affects the Universal Clipboard, enabling the mobile apps to read associated desktop clipboards as well – was discovered in February 2020, at which time the researchers alerted Apple. They say Apple insisted that the clipboard function was running perfectly at the time. However, the recent announcement of iOS14, coming this fall, includes a fix for the flaw in precisely the fashion recommended initially by the researchers. 

This week’s stat
1.3 million

The number of records stolen from the popular Stalker Online game and sold on the dark web. Read more at InfoSecurity.

80,000 printers exposed online

The nonprofit organization Shadowserver Foundation, committed to improving cybersecurity practices around the world, published a report warning companies about leaving printers exposed online. Printers connected to the internet without access controls or authorization mechanisms in place are vulnerable to attacks such as data theft, service tampering, and remote command execution. Scanning billions of routable addresses around the world, the researchers found a daily average of 80,000 exposed printers online. Users are advised to enable their printer security functions. 

Ransomware disguises as COVID-19 tracer app

Just days after Health Canada announced the development of a voluntary COVID-19 contact tracing app, a phony app appeared on a couple of fraudulent websites, pretending to be the official tracing app but actually hiding a new strain of ransomware. As soon as they were discovered to be malicious, the two domains offering the fake tracing app were shut down. The real Health Canada COVID-19 app is expected to be ready sometime in July. More on this story at ZDNet

This week’s quote

“I don’t think schools can protect students against themselves to the extent that they could and should be protected. The toothpaste is never going back in the tube.” – Colin Bastable, CEO of Lucy Security, a cybersecurity training company, on securing K-12 students while schooling remotely.

Twitter informs customers of exposed billing details

Social network giant Twitter emailed its business customers this week to warn them of a security lapse that may have put their billing information at risk.

Standard procedure had been to store business clients’ billing data in the browser’s cache, but this made the information vulnerable to being accessed by others.

Data stored in the cache included email addresses, phone numbers, and the last four digits of the user’s credit card. “As soon as we discovered this was happening, we resolved the issue and communicated to potentially impacted clients to make sure they were aware and informed on how to protect themselves moving forward,” Twitter spokesperson Laura Pacas told
TechCrunch.  

This week’s ‘must-read’ on The Avast Blog

Adware is prevalent online, even at reputable stores like the Google Play Store. Learn more about adware apps found by Avast researchers and how to avoid downloading adware on your phone. 
...
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AWZ Screen Recorder
AWZ Screen Recorder ...zevish — 11:05
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>