Collaborate Disseminate
If I want to use a browser extension I don’t fully trust but only on certain sites without sensitive information, is setting ‘Site Access’ to ‘On Click’ enough?
Would this ensure the extension only operates on the sites I choose, without p… Continue reading If I want to use a browser extension I don’t trust but limit its activity to certain sites only is it possible?
I’ve been testing my browsers against these sites:
https://www.thumbmarkjs.com/
https://fingerprint.com/
With JShelter in recommended mode I get same hash on ThumbMarkJS site on every page load but when I set it to strict mode hash alway… Continue reading Can you help me understand JShelter’s browser fingerprint protection?
Most browser extensions I use are utility like tools that do something in the DOM. Like copying HTML tables to Markdown tables, accepting cookie warnings, removing ads, regex find replace et cetera.
With the current news regarding abused b… Continue reading Is there a way to limit browser extension internet access?
After the recent news of multiple compromised popular browser extensions.
Is it possible for organizations to setup browser extension allow and denylists for common browsers such as Edge, Chromium-based, Brave, etc.
If so, in what ways can… Continue reading How to allow or denylist specific browser extensions in popular browsers?
A "privacy by compartmentalization" measure I used to implement in my day to day surfing was to separate each part into Firefox profiles. (Work, Study, Finance…)
Recently I learned about Firefox Containers. It would be way more… Continue reading Firefox containers vs profiles, how contained are they?
I am concerned about the security of my passwords while using Google Chrome extensions. Specifically, I’d like to know if it’s possible for a Chrome extension to read passwords that I enter on websites. I wanted to download an extension, b… Continue reading Could a Google Chrome extension read my password?
Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges […]
The post New Fakext malware targets Latin American banks appeared first on Security Intelligence.
Continue reading New Fakext malware targets Latin American banks
Twice now, seemingly randomly, I’ve been redirected to an ad site.
I believe it has occurred both times when I have a new tab open, type what I’m searching for (Google is my default search engine), press enter and then end up on the ad pag… Continue reading How to determine which Chrome extension is re-directing me to ad sites
Regarding 2FA browser plugins, I follow the uneducated opinion that they usually provide sufficient security. Since a desktop computer is a unique device (even a virtual machine) and provides that required 2nd factor, you can use a 2FA bro… Continue reading Are 2FA browser plugins sufficiently secure?
Can one remotely log my IP, browser history, and saved passwords?
I think the IP should be easily done if one of the extensions load a remote JavaScript to run in my browser. I’m not sure about other stuff within the browser.