Saturday, November 23, 2024
CybersecurityNewsOperating SystemsWeb Browsers

New Methods of Malware Distribution, Windows Update Issue, and New In-App Browser Tool

Browser Extensions Malware

by Artie Kaye

Browser extensions are addons to a browser which change the functionality. There are some that are designed to pose as legitimate offerings, even naming themselves as such. A malicious extension can function just like any other piece of malware, collecting cookies, harvesting personal information like passwords and user names, or tracking all of your browsing and relaying the information to another entity. The majority of the malware installed, according to Kaspersky, is advertising based. These track and report on searches and browsing activity. While browser storefronts do their best to remove anything harmful from their offerings, the extensions are commonly installed when installing from a third party site. Suggestions from the company to help protect yourself include periodically pruning what extensions you have installed, checking what privileges they ask for before installing, and downloading from trusted locations.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)


Update Causing Problems for Windows

by Artie Kaye

The security update KB5012170 for Secure Boot was designed to address flaws in the UEFI bootloaders. After installing the update, some users are finding a BitLocker recovery screen preventing them from using their machine. Microsoft has explained how to access the recovery password in the support post linked below. Other users have found drives no longer configured properly on their systems after the patch. Data is not affected. The recommended course of action if encountering errors during or after installing the patch is to update the UEFI firmware.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)


Hacked WordPress Sites Distributing Trojan Malware

by Artie Kaye

Cloudflare protects from DDoS attacks. For many sites that use its services a loading screen appears before the page you want to visit pops up. Hackers are using compromised WordPress accounts to display a fake Cloudflare screen, one with a prompt to click to proceed. Clicking will download a .iso file. Instructions follow to open the file to get a code to allow you to continue to the site. Do not open the file, as it will install an array of malware onto your machine. 

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)


New Program Can Test In App Browsers

by Artie Kaye

Instead of accessing your default browser, some apps have one built in to streamline their use. These programs are not always secure, and information can be transmitted. InAppBrowser is an open source project that can display the Javascript injections being made by these. The majority of Javascript injections are benign and functional, but it can be an unsecure vector. Some injected scripts could be used to monitor swipes and keystrokes. While this site won’t be able to tell you if something is malicious or not, it will tell you what it detects as being injected. The first link below is to the program’s website. The second link is how to use it.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)