#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

Browser Extention | Breaking Cybersecurity News | The Hacker News

Category — Browser Extention
Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations

Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations

Feb 25, 2021
Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems. "Threat actors aligned with the Chinese Communist Party's state interests delivered a customized malicious Mozilla Firefox browser extension that facilitated access and control of users' Gmail accounts," Proofpoint said in an analysis. The Sunnyvale-based enterprise security company pinned the phishing operation on a Chinese advanced persistent threat (APT) it tracks as  TA413 , which has been previously attributed to attacks against the Tibetan diaspora by leveraging  COVID-themed lures  to deliver the Sepulcher malware with the strategic goal of espionage and civil dissident surveillance. The researchers said the attacks were detected in January and February 2021, a pattern that has continued since March 2020. The infection chain begins with a phishing email impersonating the "Tib...
WARNING — Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware

WARNING — Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware

Feb 06, 2021
Google on Thursday removed The Great Suspender , a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware. It also took the unusual step of deactivating it from users' computers. "This extension contains malware,"  read  a terse notification from Google, but it has since emerged that the add-on stealthily added features that could be exploited to execute arbitrary code from a remote server, including tracking users online and committing advertising fraud. "The old maintainer appears to have sold the extension to parties unknown, who have malicious intent to exploit the users of this extension in advertising fraud, tracking, and more," Calum McConnell  said  in a GitHub post. The extension, which had more than two million installs before it was disabled, would suspend tabs that aren't in use, replacing them with a blank gray screen until they were reloaded upon returning to the tabs in question. Signs of the...
Don't Overlook These 6 Critical Okta Security Configurations

Don't Overlook These 6 Critical Okta Security Configurations

Feb 10, 2025Identity Security / Data Protection
Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with recommendations for implementing continuous monitoring of your Okta security posture. With over 18,000 customers, Okta serves as the cornerstone of identity governance and security for organizations worldwide. However, this prominence has made it a prime target for cybercriminals who seek access to valuable corporate identities, applications, and sensitive data. Recently, Okta warned its customers of an increase in phishing social engineering attempts to impersonate Okta support personnel. Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with how continuous monitoring of your Okta security posture helps you avoid miscon...
Expert Insights / Articles Videos
Cybersecurity Resources