Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Browser. Show all posts
Scam
Browser confidential documents Cyber Security Emails phishing Scam

When Trusted Sites Turn Dangerous: How Hackers Are Fooling Users

 


A recent cyberattack has revealed how scammers are now using reliable websites and tailored links to steal people's login credentials. This new method makes it much harder to spot the scam, even for trained eyes.


How It Was Caught

A cybersecurity team at Keep Aware was silently monitoring browser activity to observe threats in real time. They didn’t interrupt the users — instead, they watched how threats behaved from start to finish. That’s how they noticed one employee typed their login details into a suspicious page.

This alert led the team to investigate deeper. They confirmed that a phishing attack had occurred and quickly took action by resetting the affected user’s password and checking for other strange activity on their account.

What stood out was this: the phishing page didn’t come from normal browsing. The user likely clicked a link from their email app, meaning the scam started in their inbox but took place in their browser.


How the Scam Worked

The employee landed on a real, long-standing website known for selling outdoor tents. This site was over 9 years old and had a clean online reputation. But cybercriminals had broken in and added a fake page without anyone noticing.

The page showed a message saying the user had received a “Confidential Document” and asked them to type in their email to view a payment file. This is a typical trick — creating a sense of urgency to get the person to act without thinking.


Tactics Used by Hackers

The fake page was designed to avoid being studied by experts. It blocked right-clicking and common keyboard shortcuts so that users or researchers couldn’t easily inspect it.

It also had smart code that responded to how the person arrived. If the phishing link already included the target’s email address, the page would automatically fill it in. This made the form feel more genuine and saved the user a step — making it more likely they’d complete the action.

This technique also allowed attackers to keep track of which targets clicked and which ones entered their information.


Why It Matters

This attack shows just how advanced phishing scams have become. By using real websites, targeted emails, and smooth user experiences, scammers are getting better at fooling people.

To stay safe, always be cautious when entering personal information online. Even if a site looks familiar, double-check the web address and avoid clicking suspicious email links. If something feels off, report it before doing anything else.


Read more »
Safari
Browser ChatGPT Data Breach Google Chrome Safari

How Web Browsers Have Become a Major Data Security Risk

 




For years, companies protected sensitive data by securing emails, devices, and internal networks. But work habits have changed. Now, most of the data moves through web browsers.  

Employees often copy, paste, upload, or transfer information online without realizing the risks. Web apps, personal accounts, AI tools, and browser extensions have made it harder to track where the data goes. Old security methods can no longer catch these new risks.  


How Data Slips Out Through Browsers  

Data leaks no longer happen only through obvious channels like USB drives or emails. Today, normal work tasks done inside browsers cause unintentional leaks.  

For example, a developer might paste secret codes into an AI chatbot. A salesperson could move customer details into their personal cloud account. A manager might give an online tool access to company data without knowing it.  

Because these activities happen inside approved apps, companies often miss the risks. Different platforms also store data differently, making it harder to apply the same safety rules everywhere.  

Simple actions like copying text, using extensions, or uploading files now create new ways for data to leak. Cloud services like AWS or Microsoft add another layer of confusion, as it becomes unclear where the data is stored.  

The use of multiple browsers, Chrome, Safari, Firefox — makes it even harder for security teams to keep an eye on everything.  


Personal Accounts Add to the Risk  

Switching between work and personal accounts during the same browser session is very common. People use services like Gmail, Google Drive, ChatGPT, and others without separating personal and office work.  

As a result, important company data often ends up in personal cloud drives, emails, or messaging apps without any bad intention from employees.  

Studies show that nearly 40% of web use in Google apps involves personal accounts. Blocking personal uploads is not a solution. Instead, companies need smart browser rules to separate work from personal use without affecting productivity.  


Moving Data Is the Most Dangerous Moment  

Data is most vulnerable when it is being shared or transferred — what experts call "data in motion." Even though companies try to label sensitive information, most protections work only when data is stored, not when it moves.  

Popular apps like Google Drive, Slack, and ChatGPT make sharing easy but also increase the risk of leaks. Old security systems fail because the biggest threats now come from tools employees use every day.  


Extensions and Unknown Apps — The Hidden Threat  

Browser extensions and third-party apps are another weak spot. Employees often install them without knowing how much access they give away.  

Some of these tools can record keystrokes, collect login details, or keep pulling data even after use. Since these risks often stay hidden, security teams struggle to control them.  

Today, browsers are the biggest weak spot in protecting company data. Businesses need better tools that control data flow inside the browser, keeping information safe without slowing down work.  


Read more »
Safari
Browser Cyber Fraud Google link Safari

Browser Warning: Fake Websites Steal Millions from Users

 



Cyber scammers give new warnings as they do not stop scamming unsuspecting web shoppers through a new phishing campaign posing to be online stores. Many of these fake stores Google has removed from its search results, but links remain on social media and other sites, hence why all internet users need to know how to spot these dangerous sites.


How the Scam Works

In its latest research, Human Security's Satori team has found that cyber thieves are taking advantage of a method that leads internet users from legitimate online platforms to fake online shopping. The attackers inject a malicious program that creates fake product listings in genuine websites. This tactic pushes these fake listings up to the top rank of the search results; hence, users who click on such pages are attracted by what seems to be a good deal. When you click on such links, you are redirected to a phishing site by a malicious person who actually controls the site.

On such rogue sites, they will force you to pay using the actual service providers that have a history of legitimacy, therefore giving you more confidence. After you pay, you never receive the product and lose your cash. Maybe some consumers have effectively filed a credit card chargeback, but recovery is not always possible.


A Massive Phishing Campaign

According to the latest research, the cybercrooks have managed to compromise more than 1,000 websites to spread false business proposals. The thieves had established 121 fake online shops, where the amount of dollars in money lost by hundreds of thousands of gullible people was going into millions. According to Human Security, hundreds of thousands of people have been duped by these cheats.

Be Alert with These False Sites Signs

The victim will not get caught again if he can see the following signs:

- Deals That Seem Too Good to Be True: Something that you bought a little below its selling price is a red flag. Confirm if the website is legit before you go further.

- Inconsistent Website Names: Sometimes, the domain name, popup titles, and payment processing pages can have different names. Fake sites often have inconsistent names in these details.

- Order Process Quality: Be cautious when the ordering process appears suspicious or lacks most normal security measures, such as autofill with an address.

- Check Reviews: Look for reviews of the website from outside sources. Recognize that some reviews are completely false. Some review sites are much better about guaranteeing legitimacy.


This phishing scam, they have called "Phish 'n' Ships." This campaign effectively makes use of search engine optimization tricks to push these phony listings up as top results, giving them a spurious sense of legitimacy to unsuspecting users. In spite of these having been largely removed by Google, the criminals' strategies are changing day by day.


Continued Threat Against Browser Users

These attacks are highly likely to be affected in all major web browsers, but researchers warn that "Phish 'n' Ships" has not been suppressed, because it remains active.

Even though Google succeeded in taking down some of its parts partially, criminals will most likely change their attack in order to continue scamming further.

Meanwhile, Malwarebytes has detected another threat in Bing search results. Cybercrooks have misused the terms "Keybank login" and other similar ones to reroute innocent surfers fraudulently to phishing sites aimed at stealing banking credentials. Sometimes, even the top result of the search is a malicious link.


Security Tips for Ad Campaigns

Before launching online ads, organisations should make sure that the advertising associates they hire are well-equipped to handle malvertising. Key best practices for this include ad monitoring for threats, latent "cloaked" malicious scanning and processes in place in case of attacks.

By being vigilant and checking websites, users can avoid becoming a victim of these very sophisticated scams.



Read more »
TOR
anonymization Browser Cyber Security Darknet Encryption Network Online Privacy Security servers TOR

Exploring the Tor Network: A Comprehensive Look at Online Anonymity and Privacy

 

The Tor network, originally developed in the early 2000s by the U.S. Naval Research Laboratory, has been operated since 2006 by the independent non-profit organization, The Tor Project. The project's primary goal is to offer a free method for anonymizing internet traffic. Approximately 85% of The Tor Project’s funding comes from U.S. government entities, while the remaining 15% is sourced from private donations and NGOs.

Tor, which stands for "The Onion Router," functions by routing a user's connection through three randomly selected servers (nodes), layering encryption like the layers of an onion. The destination site only detects the IP address of the final node, called the exit server, masking the user's original address. The system refreshes the connection route every 10 minutes, though the access node remains stable for two to three months.

Data transferred within the Tor network is encrypted until it reaches the exit server. However, users must still encrypt any sensitive information entered on websites, as data exiting the network can be read if it's not further encrypted. To access Tor, users need a specialized browser—like the Tor browser, based on Mozilla Firefox and configured for secure browsing.

With about 6,500 servers currently active worldwide, individuals, companies, and organizations operate these nodes. Any internet user with a DSL connection can set up a Tor node. However, the network's openness can be a vulnerability; if an exit node operator is not vigilant, unencrypted data can be intercepted. Additionally, sophisticated entities, such as intelligence agencies, could potentially track Tor users by analyzing traffic patterns or compromising nodes.

Despite these risks, Tor remains the most secure method of maintaining anonymity online. Around two million people, particularly those in heavily monitored states, use the Tor network daily. The darknet, a collection of hidden websites, also depends on Tor's anonymization for access.
Read more »
Web
Browser Internet Mozilla Technology User Privacy User Tracking Web

Mozilla Privacy: Tracking Users Without Consent


The organization behind the privacy-centric Firefox browser, has come under fire for allegedly tracking users without their consent. This controversy centers around a feature called Privacy Preserving Attribution (PPA), which has sparked a heated debate about privacy, consent, and the future of online tracking.

The User Tracking Allegations

The European digital rights group NOYB (None Of Your Business) has filed a privacy complaint against Mozilla, claiming that the PPA feature in Firefox tracks users’ online behavior without their explicit consent. According to NOYB, this practice violates the EU’s General Data Protection Regulation (GDPR), which mandates that users must be informed and give consent before any tracking can occur.

What is Privacy Preserving Attribution?

Privacy Preserving Attribution is a method designed to measure the effectiveness of online advertisements without relying on invasive third-party cookies. Instead of allowing individual websites to track users, PPA shifts this responsibility to the browser itself. The idea is to provide advertisers with the data they need while protecting users’ privacy.

However, the implementation of PPA has raised significant concerns. Critics argue that by enabling this feature by default, Mozilla has effectively bypassed the need for user consent. This move has been seen as contradictory to Mozilla’s long-standing reputation as a champion of online privacy.

The GDPR Implications

The GDPR is one of the most stringent privacy regulations in the world, and it requires that any form of data processing must be transparent and consensual. NOYB’s complaint suggests that Mozilla’s PPA feature does not meet these criteria. If the complaint is upheld, Mozilla could face substantial fines and be forced to alter its approach to user tracking.

Mozilla’s Response

In response to the allegations, Mozilla has defended the PPA feature, stating that it is designed to balance the needs of advertisers with the privacy rights of users. Mozilla argues that PPA is a more privacy-friendly alternative to traditional tracking methods and that it does not collect any personally identifiable information.

Despite these assurances, the controversy has highlighted a broader issue within the tech industry: the tension between innovation and privacy. As companies strive to develop new technologies, they must also navigate the complex landscape of privacy regulations and user expectations.

Read more »
Zero-day Flaw
Browser Chrome User Security Vulnerability and Exploits Zero-day Flaw

'0.0.0.0 Day' Vulnerability Puts Chrome, Firefox, Mozilla Browsers at Risk

 

A critical security bug known as "0.0.0.0 Day" has shook the cybersecurity world, leaving millions of users of popular browsers such as Chrome, Firefox, and Safari vulnerable to future assaults. This vulnerability allows malicious actors to possibly gain access to files, messages, credentials, and other sensitive data saved on a device within a private network, specifically "localhost.” 

What is 0.0.0.0 day flaw?

The term "0.0.0.0 Day" refers to a new vulnerability identified by Israeli cybersecurity startup Oligo that hackers can exploit before a fix is released. The zeroes indicate a lack of prior information or awareness of flaws. This makes it especially risky because users and developers are taken completely off guard. 

According to the research, the exploit consists of fraudulent websites luring browsers into allowing them to interface with APIs (Application Programming Interfaces) running on a user's local PC. These APIs are primarily intended for internal communication within applications and should not be available from other sources, such as websites. Attackers that exploit the 0.0.0.0 Day vulnerability could possibly get unauthorised access to sensitive information saved on a user's device, steal data, or even launch malware. 

Impact on key browsers 

The security ramifications of this issue are extensive. Here's a closer look at the possible impact on major browsers. 

Chrome zero-Day vulnerability: Google Chrome, the world's most popular browser, is an obvious target for attackers. A successful exploit of the 0.0.0.0 Day bug could allow criminals to get beyond Chrome's security measures and get access to a user's local network. This could expose sensitive information kept on a user's PC, compromise corporate networks if a user works remotely, or even aid in the installation of malware. 

Firefox zero-day vulnerability: Although Firefox is not as extensively used as Chrome, it is a popular choice for many consumers. A successful exploit of the 0.0.0.0 Day vulnerability may have similar repercussions for Firefox users. Attackers could potentially obtain access to local networks, steal data, or carry out malware attacks. 

Safari Zero-Day vulnerability: The 0.0.0.0 Day vulnerability could also affect Apple's Safari browser, which is the default browser on all Apple devices. While Apple has a reputation for strong security, this vulnerability underlines the ongoing need for vigilance. A successful exploit can allow attackers access to a user's local network on a Mac or iOS device, possibly compromising private information or aiding new assaults. 

The disclosure of the 0.0.0.0 Day vulnerability underlines the ongoing challenge of ensuring browser security in an increasingly complicated threat ecosystem. Browser developers must continue to invest in R&D to remain ahead of thieves. Users must also be cautious and follow best practices to safeguard themselves from emerging risks.
Read more »
Zero Day
Browser Data Google Chrome Vulnerability and Exploits Zero Day

Google Issues Emergency Update for New Chrome Vulnerability

 



Google has announced an urgent security update for its Chrome browser to fix a newly discovered vulnerability that is actively being exploited. This recent flaw, identified as CVE-2024-5274, is the eighth zero-day vulnerability that Google has patched in Chrome this year.

Details of the Vulnerability

The CVE-2024-5274 vulnerability, classified as high severity, involves a 'type confusion' error in Chrome's V8 JavaScript engine. This type of error occurs when the software mistakenly treats a piece of data as a different type than it is, potentially leading to crashes, data corruption, or allowing attackers to execute arbitrary code. The vulnerability was discovered by Google security researcher Clément Lecigne.

Google has acknowledged that the flaw is being exploited in the wild, which means that malicious actors are already using it to target users. To protect against further attacks, Google has not yet disclosed detailed technical information about the flaw.

To address the issue, Google has released a fix that is being rolled out via the Chrome Stable channel. Users on Windows and Mac will receive the update in versions 125.0.6422.112/.113, while Linux users will get the update in version 125.0.6422.112. Chrome typically updates automatically, but users need to relaunch the browser for the updates to take effect. To ensure the update is installed, users can check their Chrome version in the About section of the Settings menu.

Ongoing Security Efforts

This marks the third actively exploited zero-day vulnerability in Chrome that Google has fixed in May alone. Earlier this year, Google adjusted its security update schedule, reducing it from twice weekly to once weekly. This change aims to close the patch gap and reduce the time attackers have to exploit known vulnerabilities before a fix is released.

Previous Zero-Day Vulnerabilities Fixed This Year

Google has been actively addressing several critical vulnerabilities in Chrome throughout 2024. Notable fixes include:

1. CVE-2024-0519: An out-of-bounds memory access issue in the V8 engine, which could lead to heap corruption and unauthorised data access.

2. CVE-2024-2887: A type confusion vulnerability in the WebAssembly standard, which could be exploited for remote code execution.

3. CVE-2024-2886: A use-after-free bug in the WebCodecs API, allowing arbitrary reads and writes, leading to remote code execution.

4. CVE-2024-3159: An out-of-bounds read in the V8 engine, enabling attackers to access sensitive information.

5. CVE-2024-4671: A use-after-free flaw in the Visuals component, affecting how content is rendered in the browser.

6. CVE-2024-4761: An out-of-bounds write issue in the V8 engine.

7. CVE-2024-4947: Another type confusion vulnerability in the V8 engine, risking arbitrary code execution.

Importance of Keeping Chrome Updated

The continuous discovery and exploitation of vulnerabilities surfaces that it's imperative to keep our softwares up to date. Chrome’s automatic update feature helps ensure users receive the latest security patches without delay. Users should regularly check for updates and restart their browsers to apply them promptly.

Overall, Google’s quick response to these vulnerabilities highlights the critical need for robust security measures and careful practices in maintaining up-to-date software to protect against potential cyber threats.


Read more »
Privacy
Ad Blocking AdGuard DNS Browser DNS phishing Privacy

Block Ads and Boost Security with AdGuard DNS

 



Advertisements are omnipresent, disrupting our web browsing and compromising our online security. Many ads slow down our internet speed, infringe on our privacy, and even pose malware risks. However, there is a solution that can alleviate these issues: AdGuard DNS.

AdGuard DNS offers a comprehensive way to block malicious websites, intrusive ads, and trackers while also enabling parental controls. This service stands out by allowing up to 20 devices to connect across more than 50 servers in 15 locations. Now, a five-year subscription is available for $24.97, down from the regular price of $719.64, but only until May 22.

Default DNS (Domain Name System) services translate website names into IP addresses, guiding your browser to the correct site. AdGuard DNS takes this further by filtering out unsafe sites before you even visit them. This added layer of protection can demonstrably enhance your digital security.


Benefits of Blocking Ads

Blocking ads with a DNS service like AdGuard can make web pages load faster. This is because ads often consume substantial bandwidth and processing power, particularly those that are interactive or video-based. By reducing the data your browser needs to load, AdGuard DNS can dramatically improve your browsing experience.

Unlike browser-based ad-blockers, AdGuard DNS provides network-wide protection. This means it blocks ads and trackers not only in your web browser but also across your entire operating system, installed programs, and mobile apps. This system-level blocking is far more effective than relying solely on browser extensions, which can't intercept ads and trackers operating outside the browser.

AdGuard DNS also enhances your privacy and security. Ads are not just annoying; they can be dangerous, containing trackers, malware, and phishing links. For example, in April 2021, hackers used malicious ads to distribute infected software via fake sites, leading to data theft for many users. By blocking such ads, AdGuard DNS protects you from these threats before they reach your device.

For those seeking even more robust protection, AdGuard DNS offers advanced features like AI-powered malware filtering. This level of protection ensures that even the most sophisticated cyber threats are kept at bay, providing peace of mind in an increasingly vulnerable digital environment. 

In conclusion, AdGuard DNS provides a powerful, comprehensive solution for blocking ads, strengthening privacy, and securing your digital experience. With its current discounted offer, it's an excellent opportunity to protect your online world effectively and affordably.


Read more »
Subscribe to: Posts (Atom)