65 replies to this topic

[AplusWebMaster]

FYI...

Browsers hacked at Pwn2Own...
- http://h-online.com/-1819164
8 March 2013 - "The Pwn2Own competition at CanSecWest has come to an end with the second day being like the first day. No web browser plugin survived being attacked and Adobe Flash, Adobe Reader XI and Java were all successfully hacked. Vupen security, who had demonstrated exploits of Internet Explorer 10*, Firefox** and Java on day one, returned with an exploit for Adobe Flash... In response to day one's exploits, both Mozilla and Google*** have shipped updates to their browsers. Mozilla's Firefox has been updated to version 19.0.2 with a fix for the vulnerability; the same fix, for a use-after-free in the HTML editor which could lead to arbitrary code execution..."
* https://technet.micr...lletin/ms13-021
March 12, 2013 - Critical - IE 6, 7, 8, 9, 10

** https://www.mozilla....l#firefox19.0.2
Fixed in Firefox 19.0.2

*** http://googlechromer...l-update_7.html
Fixed in v25.0.1364.160

Edited by AplusWebMaster, 16 March 2013 - 11:45 PM.

[AplusWebMaster]

FYI...

Users ignore Chrome security warnings...
- http://www.theregist...secure_browser/
15 July 2013 - "... The study, Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness (PDF*) collected “25,405,944 warning impressions in Google Chrome and Mozilla Firefox in May and June 2013” and found that plenty were ignored.
Here's the basic data.
>> http://regmedia.co.u...owser_study.png
... The study's authors, one Googler and Devdatta Akhawe of the University of California, Berkeley, are not sure why Chrome users are so blasé. False positives are one possible reason, differing levels of competence among users are also found to account for another point or two of difference. “Warning fatigue” is advanced as another reason users ignore warnings, and the study re-learns one of the lessons of Windows Vista by pondering if fewer warnings may be one way to improve security..."
* http://www.cs.berkel...warningland.pdf

[AplusWebMaster]

FYI...

Fake extensions for Chrome or Firefox - hijack...
- http://blog.trendmic...rowser-add-ons/
July 30, 2013 - "We spotted yet another threat lurking around social media sites targeting users of either Google Chrome or Mozilla Firefox. This threat uses fake extensions for both browsers to infiltrate user systems and hijack social media accounts – specifically, Facebook, Google+, and Twitter accounts. To install these fake extensions, users would see various lures on social media sites to try to get users to install a fake video player update. In reality, this player update is a -malicious- file detected as TROJ_FEBUSER.AA, installs a browser plugin depending on the browser currently being used. One earlier version we saw for Google Chrome, detected as JS_FEBUSER.AA, identifies itself as Chrome Service Pack 5.0.0. In the case of Mozilla Firefox, the fake plugin is Mozilla Service Pack 5.0:
> http://blog.trendmic...S-AA-plugin.jpg
Google Chrome has since flagged this particular plugin as malicious. An updated version of the plugin, detected as JS_FEBUSER.AB, is identified as F-Secure Security Pack 6.1.0 (for Google Chrome) and F-Secure Security Pack 6.1 (for Mozilla Firefox):
> http://blog.trendmic...S-AB-plugin.jpg
Once installed, it connects to a malicious URL to download a configuration file. It uses the details on that configuration file to hijack the user’s social media accounts and perform the following actions, -without- any authorization from the user:
• Like pages
• Share posts
• Join a group
• Invite friends to a group
• Chat with friends
• Post comments
• Update status
This threat tries to perform the above actions on three different social networks: Facebook, Google+, and Twitter. Because of this, in effect, the attackers are able to hijack the accounts of the users and could, for example, use them to spread links to other malicious sites. One more thing to note: the fake video player update is digitally signed... Users are once more reminded to always be aware and vigilant of such scams..."

[AplusWebMaster]

FYI...

Browser plugins - up-to-date? ...
- http://www.theregist...ser_insecurity/
Dec 2, 2013 - "... findings, based on 1.4 million BrowserCheck* computer scans, paint a picture of e-commerce buyers left wide open to attacks by cybercriminals just before the busiest online shopping period of the year. Browser vulnerabilities are routinely used to push malware at victims from compromised (often otherwise legitimate) websites through drive-by download attacks. Chrome has close to 40 per cent of its instances afflicted with a critical vulnerability. Similar numbers apply to Firefox and Internet Explorer, which have 35 per cent and 41 per cent of their instances vulnerable to attacks. Safari (29 per cent) and Opera (34 per cent) came in as the best of a bad bunch, according to the figures from Qualys**..."
**  https://community.qu...shopping-online

Vulnerable Browsers - 2013
- https://community.qu...9/vb_2013_6.png
Most vulnerable Plugins - 2013
- https://community.qu...00/vbp_2013.png

* BrowserCheck: https://browsercheck...m/?scan_type=js
 

[AplusWebMaster]

FYI...

Chrome Pop-Up to warn Windows users of Browser Hijacking
- http://threatpost.co...ijacking/104009
Feb 3, 2014 - "A rising number of online -scams- involve the modification of browser settings where a hacker spikes a free download or website with malware. The end result is generally a click-fraud scheme of some kind where the new browser settings might include spiked search engine pages or a new home page enticing the user to click on a link where the attacker would profit from the click. Google says hijacked settings are Chrome users’ No. 1 complaint, and late last week it enhanced an existing feature* in the browser to get a little more in your face about fending off hijacking attempts..."
* http://chrome.blogsp...d-settings.html

- https://lh3.ggpht.co...t Prompt v1.png
 

 

[AplusWebMaster]

FYI...

Your Browser is Out of Date – or is it?
- https://blog.malware...-date-or-is-it/
Jan 22, 2015 - "Do you need to “update” your browser? Think fast, because it’s time for a website to ask you that exact question! browser-updater(dot)com* takes a look at what browser you’re running, -alters- the content of the landing page to make it 'relevant' then lets you know in no uncertain terms that you could do with a bit of updating... neither page mentions security, which is typically the most common approach... As far as the file served goes, it kept crashing in testing but according to this page** on Urlquery the site has offered up something which claims to “Improve Browser Speed”..."
** https://urlquery.net...d=1417544772066

* 54.165.248.73: https://www.virustot...73/information/