VoidStealer Malware Darts Past Google Chrome's Encryption
Authors of the VoidStealer Trojan uncovered yet another way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Authors of the VoidStealer Trojan uncovered yet another way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.
An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser. [...]
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of the most dangerous moves are hidden in plain sight. It’s worth asking: what patterns are we missing, and what signals are we ignoring because they don’t match old
A proof-of-concept attack called "Cookie-Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, Outlook, and Teams. [...]
New Glove Stealer information-stealing malware can bypass Google Chrome's Application-Bound (App-Bound) encryption to steal browser cookies. [...]
New Glove Stealer information-stealing malware can bypass Google Chrome's Application-Bound (App-Bound) encryption to steal browser cookies. [...]
A researcher has released a tool to bypass Google's new App-Bound encryption cookie-theft defenses and extract saved credentials from the Chrome web browser. [...]
The emergence of novel anti-detection kits for sale on the Dark Web limit the effectiveness of a Chrome browser feature that warns users that they have reached a phishing page.
Infostealer malware developers released updates claiming to bypass Google Chrome's recently introduced feature App-Bound Encryption to protect sensitive data such as cookies. [...]
A vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local network. [...]
Google is working on a new Unrestricted WebUSB feature, which allows trusted isolated web apps to bypass security restrictions in the WebUSB API. [...]
A new speculative execution attack named "TIKTAG" targets ARM's Memory Tagging Extension (MTE) to leak data with over a 95% chance of success, allowing hackers to bypass the security feature. [...]
A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users.
A new malware strain called Rilide has been targeting Chromium-based web browsers like Google Chrome, Brave, Opera, and Microsoft Edge, to monitor user browsing history, snap screenshots, and inject scripts that can steal cryptocurrency. [...]
Listen now! Or read if you prefer...