#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

secure browser | Breaking Cybersecurity News | The Hacker News

Category — secure browser
Google Blocks Chrome Extension Installations From 3rd-Party Sites

Google Blocks Chrome Extension Installations From 3rd-Party Sites

Jun 12, 2018
You probably have come across many websites that let you install browser extensions without ever going to the official Chrome web store. It's a great way for users to install an extension, but now Google has decided to remove the ability for websites to offer "inline installation" of Chrome extensions on all platforms. Google announced today in its Chromium blog that by the end of this year, its Chrome browser will no longer support the installation of extensions from outside the Web Store in an effort to protect its users from shady browser extensions. "We continue to receive large volumes of complaints from users about unwanted extensions causing their Chrome experience to change unexpectedly — and the majority of these complaints are attributed to confusing or deceptive uses of inline installation on websites," says ​James Wagner, Google's extensions platform product manager. Google's browser extensions crackdown will take place in three ph
Cryptocurrency Mining Scripts Now Run Even After You Close Your Browser

Cryptocurrency Mining Scripts Now Run Even After You Close Your Browser

Nov 30, 2017
Some websites have found using a simple yet effective technique to keep their cryptocurrency mining javascript secretly running in the background even when you close your web browser. Due to the recent surge in cryptocurrency prices, hackers and even legitimate website administrators are increasingly using JavaScript-based cryptocurrency miners to monetize by levying the CPU power of their visitor's PC to mine Bitcoin or other cryptocurrencies. After the world's most popular torrent download website, The Pirate Bay , caught secretly  using Coinhive , a browser-based cryptocurrency miner service, on its site last month, thousands of other websites also started using the service as an alternative monetization model to banner ads. However, websites using such crypto-miner services can mine cryptocurrencies as long as you're on their site. Once you close the browser window, they lost access to your processor and associated resources, which eventually stops mining. Un
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on their interac
How ZeuS Trojan Infects and Steals Money: What You Need to Know

How ZeuS Trojan Infects and Steals Money: What You Need to Know

Dec 03, 2010
You can get a ZeuS infection through a drive-by download from a malicious website or a hacked legitimate site. Clicking a link in an innocent-looking email can also open your system to attack. This past week, there was a surge of fake LinkedIn connection requests linked to ZeuS. While savvy users avoid clicking links from strangers, even links from friends can be dangerous, as a virus might have infected their system. But being cautious isn't enough. You might think a Trojan or virus attack affects only your computer, but this is far from the truth. The threat known as ZeuS or ZBot is a tool used by an international cybercrime ring with a single goal: to steal your money. While several criminals were charged recently, many remain free, and the malicious code continues to spread. To protect against all potential infection sources, you must install a security suite on any internet-connected computer. Because cybercriminals frequently release new ZeuS variants, you need a suite with
cyber security

DevOps Security Best Practices

websiteWizDevOps / Secure Coding
Develop securely from code to cloud with this DevOps Security Cheat Sheet from Wiz. Take a deep dive into secure coding, infrastructure security, and vigilant monitoring and response.
Expert Insights / Articles Videos
Cybersecurity Resources