Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Internet Browser. Show all posts
OpenAI
AI integration AI Powered AI technology Browser ChatGPT Chrome Cyber Security Data collection data security Google Chrome Internet Browser OpenAI

OpenAI Launching AI-Powered Web Browser to Rival Chrome, Drive ChatGPT Integration

 

OpenAI is reportedly developing its own web browser, integrating artificial intelligence to offer users a new way to explore the internet. According to sources cited by Reuters, the tool is expected to be unveiled in the coming weeks, although an official release date has not yet been announced. With this move, OpenAI seems to be stepping into the competitive browser space with the goal of challenging Google Chrome’s dominance, while also gaining access to valuable user data that could enhance its AI models and advertising potential. 

The browser is expected to serve as more than just a window to the web—it will likely come packed with AI features, offering users the ability to interact with tools like ChatGPT directly within their browsing sessions. This integration could mean that AI-generated responses, intelligent page summaries, and voice-based search capabilities are no longer separate from web activity but built into the browsing experience itself. Users may be able to complete tasks, ask questions, and retrieve information all within a single, unified interface. 

A major incentive for OpenAI is the access to first-party data. Currently, most of the data that fuels targeted advertising and search engine algorithms is captured by Google through Chrome. By creating its own browser, OpenAI could tap into a similar stream of data—helping to both improve its large language models and create new revenue opportunities through ad placements or subscription services. While details on privacy controls are unclear, such deep integration with AI may raise concerns about data protection and user consent. 

Despite the potential, OpenAI faces stiff competition. Chrome currently holds a dominant share of the global browser market, with nearly 70% of users relying on it for daily web access. OpenAI would need to provide compelling reasons for people to switch—whether through better performance, advanced AI tools, or stronger privacy options. Meanwhile, other companies are racing to enter the same space. Perplexity AI, for instance, recently launched a browser named Comet, giving early adopters a glimpse into what AI-first browsing might look like. 

Ultimately, OpenAI’s browser could mark a turning point in how artificial intelligence intersects with the internet. If it succeeds, users might soon navigate the web in ways that are faster, more intuitive, and increasingly guided by AI. But for now, whether this approach will truly transform online experiences—or simply add another player to the browser wars—remains to be seen.
Read more »
North Korea
APT37 Hacker InkyQuid Internet Browser malware North Korea

Internet Browser Vulnerabilities Exploited by North Korean Hackers to Implant Malware

 

A threat actor from North Korea has indeed been found exploiting two flaws in the Internet Explorer to attack individuals with a specialized implant, targeting a South Korean online daily newspaper as a component of strategic web compromise (SWC). 

Volexity, a cybersecurity firm, has accredited these attacks and operations to a threat actor recognized by the name InkySquid also better known by the monikers ScarCruft and APT37. It is indeed a widely known North Korean hackers' body. Daily NK — the publication of concern, is believed to have been host to the malevolent code from at least the end of March 2021 to early June 2021. 

InkySquid, the infamous North Korean hacker group has been leveraging the vulnerability since 2020 to upload falsified Javascript code that is usually buried within the genuine code in cyberattacks against an Internet Explorer browser. 

However, according to security researchers, earlier in April this year, Volexity identified a suspicious code loaded via www.dailynk[.]com onto unlawful jquery[.]services subdomains. There are two types of URLs identified, which are listed below:

  • hxxps://www.dailynk[.]com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
  • hxxps://www.dailynk[.]com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 

Further, Volexity experts have noted that the "clever disguise of exploit code amongst legitimate code" as well as the usage of bespoke malware allows attackers to escape detection. 

These attacks involved manipulating the jQuery JavaScript libraries on the website to serve further obscured code from a remote URL and use it to abuse the exploits of two Internet Explorer vulnerabilities that were addressed by Microsoft in August 2020 and March 2021. A Cobalt Strike stagger, as well as the BLUELIGHT new backdoor, have successfully been deployed. 

  • CVE-2020-1380 (CVSS score: 7.5) - Scripting Engine Memory Corruption Vulnerability 
  • CVE-2021-26411 (CVSS score: 8.8) - Internet Explorer Memory Corruption Vulnerability 

It must be mentioned that both the vulnerabilities were actively leveraged in the wild by the North Korean hackers using them to target security scientists working in research and development on vulnerabilities in an operation that was uncovered earlier in January. 

After the timely implementation of the Cobalt Strike, BLUELIGHT is employed as a secondary payload, as a full-featured remote access technique that allows total access to an affected system. 

Along with obtaining system metadata and antivirus product information, malware can execute shellcodes, collect cookies and credentials through Internet Explorer, Microsoft Edge, and Google Chrome browsers, acquire files, and install arbitrary runs that are exfiltrated to a remote server.
Read more »
Subscribe to: Posts (Atom)