by Paul Ducklin Almost exactly a month ago, or a couple of days under an average month given that February was the short one, we warned of a zero-day bug in Google’s Chromium browser code. Patch now, we said. And we’re saying it again, following Google’s otherwise cheery release of . . . Read more
by Paul Ducklin We delve into Google’s tight-lipped Chrome bugfix, explain how a Belgian researcher awarded himself 111,848 cups of coffee, and discuss the audacious but thankfully temporary theft of the Perl.com domain. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. LISTEN NOW . . . Read more
by Paul Ducklin Google, whose Project Zero bug-hunting team is often surprisingly vocal when describing and discussing software vulnerabilities, has taken a very quiet approach to a just-patched bug in its Chrome browser. In this case, the low-key announcement is understandable, because the patch fixes a hole that cybercrooks are . . . Read more
by Paul Ducklin HTTPS, as you probably know, stands for secure HTTP, and it’s a cryptographic process – a cybersecurity dance, if you like – that your browser performs with a web server when it connects, improving privacy and security by agreeing to encrypt the data that goes back and . . . Read more
The Adrozek ad-injecting browser modifier malware also extracts device data and steals credentials, making it an even more dangerous threat.
Overall Google’s Chrome 87 release fixed 33 security vulnerabilities. Google has released patches for several high-severity vulnerabilities in its Chrome browser with the rollout of Chrome 87 for Windows, Mac and Linux users. Overall, Google fixed 33 vulnerabilities in its latest version, Chrome 87.0.4280.66, which is being rolled out over . . . Read more
Another week, another Chrome zero-day, this time on your phone.
Listen to the latest Naked Security podcast!
Google said Chrome 86 will automatically block malicious notifications that may be used for phishing or malware. Google has added a new feature to Chrome 86 that aims to stomp out abusive notification content. Web notifications are utilized for a variety of applications – such as prompting site visitors to . . . Read more
by Paul Ducklin Do you browse with Google Chrome or a related product such as Chromium? If so, please check that your auto-updater is working and that you have the latest version. A trip to the About Chrome or About Chromium dialog should give the version identifier 86.0.4240.111. That’s the . . . Read more