A week in security (March 4 – 11)

Credit to Author: Malwarebytes Labs| Date: Mon, 11 Mar 2019 15:47:27 +0000

A roundup of cybersecurity news from March 4–11, including a Chrome zero-day, Labs’ data privacy report, news from RSA, and more.

Categories:

Tags:

(Read more…)

The post A week in security (March 4 – 11) appeared first on Malwarebytes Labs.

Read more

Extensión de Chrome avisa si las credenciales del usuario están comprometidas

Credit to Author: Naked Security| Date: Mon, 11 Feb 2019 10:15:40 +0000

Google escogió el Día de Inter Segura para anunciar Password Checkup, una extensión de Chrome diseñada para avisar a los usuarios cuando introducen un nombre de usuario y contraseña que la empresa ha detectado en alguna filtración. Al igual que el recientemente lanzado Mozilla Firefox Monitor, Password Checkup tiene un nivel superficial sencillo en el [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/uJitph82Rbs” height=”1″ width=”1″ alt=””/>

Read more

¡Actualiza ya! Chrome y Firefox solucionan problemas de seguridad

Credit to Author: Naked Security| Date: Mon, 04 Feb 2019 15:38:09 +0000

Nos encontramos ante la primera actualización de navegadores con tanto Google y Mozilla solucionando vulnerabilidades de seguridad tanto en Chrome y Firefox para Mac, Windows, y Linux. Pero en cuanto a la seguridad de Chrome de su versión 72, se trata más de lo que se ha quitado de lo que se ha añadido. Uno [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/EUY2DVW6a8k” height=”1″ width=”1″ alt=””/>

Read more

Google Chrome announces plans to improve URL display, website identity

Credit to Author: Malwarebytes Labs| Date: Wed, 06 Feb 2019 18:16:47 +0000

The search giant isn’t “killing” (a.k.a. getting rid of) the URL, unlike some sensationalist and eye-rolling headlines have put it. They are slowly giving it a facelift.

Categories:

Tags:

(Read more…)

The post Google Chrome announces plans to improve URL display, website identity appeared first on Malwarebytes Labs.

Read more

We block shady ad blockers

Credit to Author: Malwarebytes Labs| Date: Wed, 11 Jul 2018 18:15:23 +0000

Some of you have reached out to us concerning Malwarebytes blocking of certain Ad blocking extensions, or an influx in web blocking notifications.  First things first, this is not a False Positive. 

Categories:

Tags:

(Read more…)

The post We block shady ad blockers appeared first on Malwarebytes Labs.

Read more

Look-Alike Domains and Visual Confusion

Credit to Author: BrianKrebs| Date: Thu, 08 Mar 2018 16:55:13 +0000

How good are you at telling the difference between domain names you know and trust and imposter or look-alike domains? The answer may depend on how familiar you are with the nuances of internationalized domain names (IDNs), as well as which browser or Web application you’re using. For example, how does your browser interpret the following domain? I’ll give you a hint: Despite appearances, it is most certainly not the actual domain for software firm CA Technologies (formerly Computer Associates Intl Inc.), which owns the original ca.com domain name: https://www.са.com/ Go ahead and click on the link above or cut-and-paste it into a browser address bar. If you’re using Google Chrome, Apple’s Safari, or some recent version of Microsoft’s Internet Explorer or Edge browsers, you should notice that the address converts to “xn--80a7a.com.” This is called “punycode,” and it allows browsers to render domains with non-Latin alphabets like Cyrillic and Ukrainian. Below is what it looks like in Edge on Windows 10; Google Chrome renders it much the same way. Notice what’s in the address bar (ignore the “fake site” and “Welcome to…” text, which was added as a courtesy by the person who registered this domain):

Read more

Microsoft Patch Tuesday, February 2018 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Feb 2018 21:13:27 +0000

Microsoft today released a bevy of security updates to tackle more than 50 serious weaknesses in Windows, Internet Explorer/Edge, Microsoft Office and Adobe Flash Player, among other products. A good number of the patches issued today ship with Microsoft’s “critical” rating, meaning the problems they fix could be exploited remotely by miscreants or malware to seize complete control over vulnerable systems — with little or no help from users.

Read more

Attackers Exploiting Unpatched Flaw in Flash

Credit to Author: BrianKrebs| Date: Fri, 02 Feb 2018 14:21:06 +0000

Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers. Adobe said it plans to issue a fix for the flaw in the next few days, but now might be a good time to check your exposure to this still-ubiquitous program and harden your defenses. Adobe said a critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.

Read more