Google Chrome | Breaking Cybersecurity News | The Hacker News

We found a high concern for cybersecurity tactics and an increased awareness of the challenges that it brings. This week, we shared lots of stories with our readers, and to help them in identifying the biggest malware threats to their online safety. We are here with the outline of our last week stories, just in case you missed any of them ( ICYMI ). We recommend you read the entire thing ( just click ' Read More ' because there's some valuable advice in there as well ). Here's the list: ➢ How Hackers Can Hack Your Gmail Accounts? Getting smarter in their phishing tactics, hackers have found out ways to fool Gmail's tight security system by bypassing its two-step verification. Hackers are now using text messages and phone-based phishing attacks to circumvent Gmail's security and take over your Gmail accounts. — Read more . ➢ Not Just Windows 10, Windows 7 and 8 Also Spy on You Laughing at controversial data mining and privacy invasion featur

Rejoice Chrome users! Google has made major improvements to its Chrome web browser that would once again make it one of the least memory eater browsers in the market. Although Chrome is used by hundreds of millions of people worldwide due to its simplicity and power, most people aren't happy with it because it uses too much memory and power. Google has now solved these problems. The most recent release of Chrome ( Chrome 45 ) is intended to make your browsing experience faster and more efficient. Google launched Chrome 45 for Windows, Mac, Linux, and Android two days ago, but the company announced in an official blog post Friday that the new version includes several new updates that focus on making the browser load faster and use less memory. Also Read:  I keep 200+ Browser Tabs Open, and My Computer Runs Absolutely Fine. Here's My Secret Chrome 45 Uses 10% Less RAM A major issue reported by Chrome users was the browser's consumption of PC mem

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Get ready for a new Android Browser! Android ROM developer CyanogenMod has announced that it is working on a new browser for Android devices. Dubbed Gello , the open-source browser is based on Google's Chromium project and includes a ton of customization options for Android. The team provided a first look of Gello through a demo video that actually reveals a lot about the new Android browser. Some Specific Features of Gello include: " Save for Offline " Reading Mode Night Mode and Immersive Mode options Extensive site-by-site Privacy and Security Settings, including Ad Blocker Advanced Download Manager that allow you to rename files and select file paths Customized interface , including Tab Animations and Management Moreover, Lots of other granular controls. The Gello web browser would be aimed at those who prefer Android Open Source Project (AOSP) versions instead of Google's Android. The team noted that the Gello browser will not

Google was under fire of downloading and installing a Chrome extension surreptitiously and subsequently listened to the conversations of Chromium users without consent. After these accusations, a wave of criticism by privacy campaigners and open source developers has led Google to remove the extension from Chromium , the open-source version of the Chrome browser. The extension in question is " Chrome Hotword ," which was found to be responsible for offering the browser's famous " OK, Google " functionality. ' Ok, Google ' is certainly a useful feature that allows users to search for things via their voice when they use Google as their default search engine, but its something that also enables eavesdropping of every single conversation made by a user. Google Silently Listens to your Conversation This issue came to light by Pirate Party founder Rick Falkvinge , who says Google has silently installed black box code into the open-so

I don't know about your part, but I make heavy use of tabs. I currently have 200+ tabs open in my Google Chrome Web browser. And sometimes the number is even more. For me it's a daily thing, as I regularly open new tabs because of my habit of reading lots of stuff online, including cyber security updates, hacking news, knowledgeable articles of various categories, new recipes to cook something delicious and, of course, funny viral videos. Browsers — Everything for us, But Biggest Memory Eaters! I think you'll agree with me when I say: It's really hard to manage so many tabs on Chrome — and Firefox too. But worse still is the obstruction in the performance of your computer, as the tabs continue to run background processes and feed on your system's memory. It gets difficult to sort through them, everything slows down, and sometimes it crashes the browser itself. Doesn't it? But, I really don't face any issue while surfing on 200+ tabs at one time

Less than 24 hours after Google launched the new Phishing alert extension Password Alert , a security researcher was able to bypass the feature using deadly simple exploits. On Wednesday, the search engine giant launched a new Password Alert Chrome extension to alert its users whenever they accidentally enter their Google password on a carefully crafted phishing website that aimed at hijacking users' account. However, security expert Paul Moore easily circumvented the technology using just seven lines of simple JavaScript code that kills phishing alerts as soon as they started to appear, defeating Google's new Password Alert extension. Google shortly fixed the issue and released a new update to Password Alert extension that blocked the Moore's exploit. However, Moore discovered another way to block the new version of Password Alert, as well. The first proof of concept exploit by Moore relied on a JavaScript that looks for instances of warning screen every five mil

If you're a bug hunter and love playing with codes than you could grab as much as US$15,000 from Microsoft for finding out vulnerabilities in its latest Project Spartan browser . Yes, $15,000! It seems like Redmond don't want to take a chance to let hackers and cyber criminals get their hands on the company's latest Windows 10 operating system. On Wednesday, Microsoft announced that the company will be expanding its bug bounty program ahead of the release of Windows 10, which will include a two-month hunt for vulnerabilities in its new web browser, Project Spartan. So, it's time for security researchers and hackers to earn extra cash from Microsoft. For those who are unaware… What's Project Spartan? Project Spartan is Microsoft's project for its new web browser to replace the oldest Internet Explorer from its Windows operating system. Though the project is still very much under the developmental stage, Microsoft is making every effort to make Spartan

If you are really upset with Chrome browsers warnings that your HTTPS enabled website contains unsecured third-party contents that sometimes force your users to close the tab, Google has solved this problem for you. With the release of the next version of Google's popular browser, Chrome 43 , it may be easier for developers and system administrators to ensure HTTPS websites are not compromised by insecure HTTP resources. Until now, the current browsers of Google flag a ' mixed-content warning ' in the form of a yellow triangle over the padlock if any HTTPS page loads any resource from an unencrypted HTTP URL. What's mixed content? And… ...Why should I worry about Mixed content if I am using HTTPS on my web pages? If, say, your website has HTTPS enabled but your website's pages are loading contents, such as images, retrieved through regular, clear text HTTP URLs, then it is believed that the connection is only partially encrypted. Partial

Google has finally rolled out the latest version of its popular web browser, i.e. Chrome 42 for Windows, Mac, and Linux users that now lets websites send you alerts, no matter your browser is open or not. The release of the latest Chrome 42 version is a great deal as it costs Google more than $21,000. Yes, $21,000! The latest version of Chrome comes with fixes for 45 security vulnerabilities in the web browser, reported by different security researchers [listed below]. Let's know about the Major updates : Major updates and significant improvements for Chrome version 42 includes: Advanced Push API and Notifications API Disabled Oracle's Java plugin by default as well as other extensions that use NPAPI Patched 45 security bugs and paid out more than $21,000 Push API : Google includes Push API in its web browser for the first time. Push API, when combined with the new notifications API, allows websites to push notifications to you through y

Few weeks back, we reported how a string of just 13 characters could cause your tab in Chrome to crash instantly . However, there was an exception that this special 13 characters string was only working on Mac OS X computers with no impact on Windows, Android, or iOS operating systems. Now, a recent hack against Chrome browser could crash your Chrome version 41 and above for Mac OS X, Windows and Chrome OS. At the time of writing, Chrome 41 seems to crash on long and/or malformed URLs. The details of this crash bug, dubbed as AwSnap , is described on Github . Warning: DO NOT CLICK on this LINK , which actually points to a Reddit thread that crashes Chrome browser because a Reddit user-submitted post containing the crash content. Just like a post, crashing a thread via a comment is also possible. Chrome crash occurs only when accessing the long and/or malformed URLs through a web server, which means using file:// will not crash your Chrome browser. Examples of

Last year at Google I/O developer event, Google launched a limited beta " App Runtime for Chrome " (ARC) project, which now expanded to run millions of Android apps within Chrome browser. Google has released a new developer tool called App Runtime for Chrome (ARC) Welder that allows Android apps to run on Chrome for Linux, Windows, and OS X systems. App Runtime for Chrome (ARC) was an early experiment specifically designed for app developers, but now anyone can download it. Google Chrome's ARC Welder app can now run any of your favorite Android apps like WhatsApp, Candy Crush, Angry Birds, all from your Chrome web browser . ARC welder tool operates via some special runtime implemented using Native Client (NaCl) in-browser binary execution tech. Native Client is a Chrome sandboxing technology that allows Chrome plugins and apps to run at near-native speeds, taking full advantage of the system's CPU and GPU. Google ported complete Android s

You might be not aware of the companies that know pretty much everything related to your email activities like when you've opened email sent by one of their clients, where you are located, what device you're using, what link you click, all without your consent, even if you haven't click any link provided in that email. Companies like Yesware , Bananatag, and Streak track emails , usually by adding small pixels or images to those emails which inform the companies that when and where their emails have been opened by the recipients. If you find this something different then let you know that this sort of email tracking is very common practice adopted by many companies. However, in order to detect these tracking emails, now you have a simple but effective tool. UGLY EMAIL -- DETECT EMAIL TRACKERS Dubbed " Ugly Email ", a new Chrome extension warns you when an email you receive in your Gmail inbox have the ability to track you, and it even works before opening t

The Annual Pwn2Own Hacking Competition  2015 held in Vancouver is over and participants from all over the world nabbed $557,500 in bug bounties for 21 critical bugs in top four web browsers as well as Windows OS, Adobe Reader and Adobe Flash. During the second and final day of this year's hacking contest, the latest version of all the four major browsers including Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari, were compromised by the two security researchers. Sponsored by HP's Zero Day Initiative program, the Pwn2Own Hacking Competition ran two days at a security conference in Vancouver, Canada. The final highlights for Pwn2Own 2015 are quite impressive: 5 bugs in the Windows operating system 4 bugs in Internet Explorer 11 3 bugs in Mozilla Firefox 3 bugs in Adobe Reader 3 bugs in Adobe Flash 2 bugs in Apple Safari 1 bug in Google Chrome $557,500 USD bounty paid out to researchers The star of the show was South Korean secur

If you're currently on a Mac computer and using a Chrome browser then a weird little Apple's OS X quirk, just a special thirteen-characters string could cause your tab in Chrome to crash instantly. A string of 13 characters (appear to be in Assyrian ), shown below in an image, is all needed to crash any tab in Chrome for OS X, however, this text has no impact on Windows, Android, or iOS operating systems. This Chrome crash vulnerability has already been reported by an open-source project Chromium project, which means that Google is likely aware of this troublesome issue. What steps will reproduce the problem? Any page with [ that special character ] will crash the chrome tab on a Mac. Just create any dummy page with the unicode characters, and the Mac Chrome tab will crash hard. What is the expected result? Expect it not to crash What happens instead? It crashes Warning : Do not click on this link , which actually points to the bug report on the Chromiu

It's been a long time coming, but now the users of Firefox and Opera browsers don't need to rely on the Chrome browser to access WhatsApp Web client, as the most popular smartphone messaging service has announced that the Web-based version of its service now works on Firefox and Opera web browsers   too. WHATSAPP WEB AVAILABLE FOR OPERA & FIREFOX Almost a month ago, WhatsApp launched the web client of its service but the access was limited only to the Google Chrome users. Now, the company is giving more choices to desktop users by launching WhatsApp Web Today for Opera and Firefox browsers , though you'll still have to wait a little long if you're a Safari user. WhatsApp Web is nothing than an extension of the core mobile WhatsApp application. It syncs conversations from your smartphone devices to your PCs, with everything stored on the mobile device itself. HOW TO USE WHATSAPP ON PC/DESKTOP In order to install WhatsApp web in your PC or laptop running

Back in june this year, Google announced an alpha Google Chrome extension called " End-to-End " for sending and receiving emails securely, in wake of former NSA contractor Edward Snowden's revelations about the global surveillance conducted by the government law-enforcements. Finally, the company has announced that it made the source code for its End-to-End Chrome extension open source via GitHub . Google is developing a user-friendly tool for individuals to implement the tough encryption standard known as Pretty Good Privacy (PGP) in an attempt to fully encrypt people's Gmail messages that can't even be read by Google itself, nor anyone else other than the users exchanging the emails. PGP is an open source end-to-end encryption standard for almost 20 years, used to encrypt e-mail over the Internet providing cryptographic privacy and authentication for data communication, which makes it very difficult to break. But implementing PGP is too complicated for m

From last week, Google began paving the way to run Android apps on Chrome Operating System through the project named " App Runtime for Chrome ", but the release came with a lot of limitations – it only supported certain Android apps and on Chrome OS only. At the launch, initially only 4 Android apps – Vine, Evernote, Duolingo and Sight Words – were added to the Chrome Web Store. That was pretty exciting, but it merely whet the appetite of users hungry for more functionality. So, what if you could run more than just 4 Android apps on Chrome OS? And Also could run them on other operating systems as well? A developer by the name of " Vlad Filippov " began working on it to stripped away the limits Google has imposed. He successfully figured out a way to bring more Android apps to Chrome , instead of just the four that are officially supported by Google. The bigger success was that when Filippov got Android apps to work on any desktop Operating System tha