LayerX Security’s Post

How do you secure extensions? Are they even a risk? YES.... they most definitely are. "Even after subtracting 63 million policy violations and three million with vulnerable code, the researchers estimate that there were still: 😵 280 million installs of Chrome extensions containing malware 😵 ." Best practice to manage: - Review new extensions before installing them - read the information about the extension and the developer before installing. - Uninstall extensions that you no longer use. - Limit the sites an extension has permission to work on. - Enable the Enhanced Protection mode of Chrome’s Safe Browsing capability. Or if you do not want to rely on your user to instigate these controls, consider a browser security solution like Seraphic Security to central apply, whitelist and stop the malware riddled extensions. #extension #risk #securebrowser Debbi Fulbrook🪽

280M users installed Dangerous Extensions... Do you believe one of your employees is among them? This is only one vulnerability among so many that we solve @ Seraphic Security. Contact us to better understand how we Turn Any Browser Into a #Secure #Enterprise #Browser.

Seeing the Unseen: Preventing Breaches by Spotting Malicious Browser Extensions When an end user installs a browser extension, the permissions granted open the door to a world of possibilities — and vulnerabilities. Depending on what’s allowed, these extensions can access a veritable treasure trove of information: everything from web traffic and saved credentials to session cookies, clipboard data and beyond. https://zurl.co/ib0J CrowdStrike G-Net Solutions, Inc. #browsersecurity #exposuremanagement #malware

Google Chrome has introduced a new security feature that warns users about potentially risky password-protected archives. This update is part of Google's ongoing efforts to enhance online safety through its Enhanced Safe Browsing initiative. When users attempt to download password-protected ZIP files that may contain malicious content, Chrome now displays a warning prompt, encouraging caution before proceeding with the download. This measure aims to protect users from malware and other threats often hidden in such archives, further bolstering Chrome's security capabilities against evolving cyber threats. #GoogleChrome #CyberSecurity #SafeBrowsing #OnlineSafety #MalwareProtection #TechNews #PasswordSecurity

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver: ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET dubbed HotPage, comes self-contained in an executable file that installs its main driver and injects libraries into Chromium-based browsers. The Chinese company’s certified products listed in the Windows Server Catalog (source: ESET) Posing as a security product capable of blocking advertisements, it actually introduces new ads. Additionally, the malware can replace the … More → The post Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver appeared first on Help Net Security.

In the first half of 2024, the FakeBat loader, also known as EugenLoader or PaykLoader, emerged as a prominent threat leveraging the drive-by download technique. This method has increasingly been adopted by cybercriminals to spread malware through unsuspecting users’ web browsing activities. #cybersecurity https://lnkd.in/eR7bX9Xi

Chrome, Edge users beset by malicious extensions that can’t be easily removed: A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers. “The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data and execute various commands,” the Reason Labs research team says. “We have witnessed a very wide distribution of the malware and extensions – in total … More → The post Chrome, Edge users beset by malicious extensions that can’t be easily removed appeared first on Help Net Security.

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world. The limitations of Browser Isolation, such as degraded browser performance and inability to tackle

This is great news that Google Chrome will soon be better equipped to protect you and your teams from more harmful Web sites. The terrifying statistic in this article is.. "the list of harmful websites is growing at a rapid pace and that 60% of the phishing domains exist for less than 10 minutes, making them difficult to block." Training employees with good Security Awareness skills is still the number 1 way to reduce risk. Speak to me about that. Book a call via our web site www.pstechnology.co.uk to see how effective and inexpensive this is.

📱 Apps rule our world, but at what cost? With 148.2 billion downloads in 2023 alone, the app ecosystem is booming. But did you know there are over 1 billion malware programs out there, with 560,000 new threats detected daily? Learn why your favorite apps might be more vulnerable than you think in our blog post: https://bit.ly/3zpvs5l