browser extensions – WindowsTechs.com

New Fakext malware targets Latin American banks

Posted on March 7, 2024 by Tal Langus

Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges […]

The post New Fakext malware targets Latin American banks appeared first on Security Intelligence.

Continue reading New Fakext malware targets Latin American banks→

How to determine which Chrome extension is re-directing me to ad sites

Posted on December 28, 2023 by johnfernow

Twice now, seemingly randomly, I’ve been redirected to an ad site.
I believe it has occurred both times when I have a new tab open, type what I’m searching for (Google is my default search engine), press enter and then end up on the ad pag… Continue reading How to determine which Chrome extension is re-directing me to ad sites→

Are 2FA browser plugins sufficiently secure?

Posted on November 28, 2023 by Jonathan Root

Regarding 2FA browser plugins, I follow the uneducated opinion that they usually provide sufficient security. Since a desktop computer is a unique device (even a virtual machine) and provides that required 2nd factor, you can use a 2FA bro… Continue reading Are 2FA browser plugins sufficiently secure?→

What can be leaked using a browser extension where one of the extensions loads JavaScript from a remote site?

Posted on September 1, 2023 by Maxfield

Can one remotely log my IP, browser history, and saved passwords?
I think the IP should be easily done if one of the extensions load a remote JavaScript to run in my browser. I’m not sure about other stuff within the browser.

Continue reading What can be leaked using a browser extension where one of the extensions loads JavaScript from a remote site?→

How can I update an browser extension to use Google’s new code signature?

Posted on August 19, 2023 by peppersandwich

How can an end-user manually/locally update the code signature for an extension?
A Google Chrome extension broke 1 year ago due to Google Chrome’s new code signature. Users received errors like "can’t verify the identity of your web b… Continue reading How can I update an browser extension to use Google’s new code signature?→

The rise of malicious Chrome extensions targeting Latin America

Posted on July 28, 2023 by Itzik Chimino

In its latest research, IBM Security Lab has observed a noticeable increase in campaigns related to malicious Chrome extensions, targeting Latin America with a focus on financial institutions, booking sites, and instant messaging. This trend is particularly concerning considering Chrome is one of the most widely used web browsers globally, with a market share of […]

The post The rise of malicious Chrome extensions targeting Latin America appeared first on Security Intelligence.

Continue reading The rise of malicious Chrome extensions targeting Latin America→

Can a browser-based HTTPS proxy secure browsing data while using a system-level proxy?

Posted on June 24, 2023 by Winner1

I use Nekoray to set up proxies for my Windows system.
When I connect to those proxies, does using a browser-based proxy with HTTPS encryption secure my transferred data through the web browser?
Can my ISP or the Nekoray proxies see the UR… Continue reading Can a browser-based HTTPS proxy secure browsing data while using a system-level proxy?→

How to check if a Firefox add-on is malicious?

Posted on December 11, 2022 by J. Doe

How to check if a Firefox add-on is malicious ?
I’m interested about this one currently : https://addons.mozilla.org/en-US/firefox/addon/istilldontcareaboutcookies/
It got a Github repo

Continue reading How to check if a Firefox add-on is malicious?→

Browser extension threat targets millions of users

Posted on August 18, 2022 by Cedric Pernet

Browser extensions are amazing tools but sometimes not what they pretend to be. Some are in fact malicious and might be a great risk to the user or his/her data.
The post Browser extension threat targets millions of users appeared first on TechRepublic.
Continue reading Browser extension threat targets millions of users→

Why is not there encrypted way of sharing/showing data such as Password to the user (hidden from web app Source code)?

Posted on August 5, 2022 by BirukTes

I wonder if there will be (or is) a way to hide data such as passwords from the HTML/DOM structure? As, password fields can hide from external person other than the main user with something like "••••••••" but this does not preve… Continue reading Why is not there encrypted way of sharing/showing data such as Password to the user (hidden from web app Source code)?→