by Paul Ducklin We delve into Google’s tight-lipped Chrome bugfix, explain how a Belgian researcher awarded himself 111,848 cups of coffee, and discuss the audacious but thankfully temporary theft of the Perl.com domain. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. LISTEN NOW . . . Read more
by Paul Ducklin HTTPS, as you probably know, stands for secure HTTP, and it’s a cryptographic process – a cybersecurity dance, if you like – that your browser performs with a web server when it connects, improving privacy and security by agreeing to encrypt the data that goes back and . . . Read more
A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year. As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go . . . Read more
Researchers identify malware existing in popular add-ons for Facebook, Vimeo, Instagram and others that are commonly used in browsers from Google and Microsoft. Twenty-eight popular extensions for Google Chrome and Microsoft Edge browsers may contain malware and likely should be uninstalled by the more than 3 million people that already . . . Read more
Browser users are once again being asked to patch severe vulnerabilities that can lead to remote code execution. Google is asking Chrome desktop users to prepare to update their browsers once again as two more zero-day vulnerabilities have been identified in the software. Both allow an unauthenticated, remote attacker to . . . Read more
by Paul Ducklin In this episode: a zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of “malware-as-a-service“, and the malware risks from image search. Also (oh! no!), why you should take care before you pair. Presenters: Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro . . . Read more
Another week, another Chrome zero-day, this time on your phone.
Patches for both the Chrome desktop and Android browser address high-severity flaws with known exploits available in the wild.
by Paul Ducklin Do you browse with Google Chrome or a related product such as Chromium? If so, please check that your auto-updater is working and that you have the latest version. A trip to the About Chrome or About Chromium dialog should give the version identifier 86.0.4240.111. That’s the . . . Read more