Chrome users have faced 3 security concerns over the past 24 hours
news.movim.eu / ArsTechnica · Friday, 5 February, 2021 - 21:21
Users of Google’s Chrome browser have faced three security concerns over the past 24 hours in the form of a malicious extension with more than 2 million users, a just-fixed zero-day, and new information about how malware can abuse Chrome's sync feature to bypass firewalls. Let’s discuss them one by one.
First up, the Great Suspender, an extension with more than 2 million downloads from the Chrome Web Store, has been pulled from Google servers and deleted from users’ computers. The extension has been an almost essential tool for users with small amounts of RAM on their devices. Since Chrome tabs are known to consume large amounts of memory, the Great Suspender temporarily suspends tabs that haven’t been opened recently. That allows Chrome to run smoothly on systems with modest resources.
Google's official reason for the removal is characteristically terse. Messages displayed on devices that had the extension installed say only, “This extension contains malware” along with an indication that it has been removed. A Google spokesman declined to elaborate.
Malicious Chrome and Edge add-ons had a novel way to hide on 3 million devices
news.movim.eu / ArsTechnica · Wednesday, 3 February, 2021 - 21:09
In December, Ars reported that as many as 3 million people had been infected by Chrome and Edge browser extensions that stole personal data and redirected users to ad or phishing sites. Now, the researchers who discovered the scam have revealed the lengths the extension developers took to hide their nefarious deeds.
As previously reported, the 28 extensions available in official Google and Microsoft repositories advertised themselves as a way to download pictures, videos, or other content from sites including Facebook, Instagram, Vimeo, and Spotify. Behind the scenes, they also collected user’s birth dates, email addresses, and device information and redirected clicks and search results to malicious sites. Google and Microsoft eventually removed the extensions.
Researchers from Prague-based Avast said on Wednesday that the extension developers employed a novel way to hide malicious traffic sent between infected devices and the command and control servers they connected to. Specifically, the extensions funneled commands into the cache-control headers of traffic that was camouflaged to appear as data related to Google analytics, which websites use to measure visitor interactions.
Écriture inclusive : une extension pour navigateur facilite l’usage des points médians
news.movim.eu / Numerama · Friday, 29 January, 2021 - 10:33
Un étudiant en informatique vient de créer l'extension « Ecriture Inclusive Facile ». Sur navigateur, elle facilite l'usage de l'écriture inclusive en modifiant les points « . » en points médians « · » lors de la saisie. [Lire la suite]
Voitures, vélos, scooters... : la mobilité de demain se lit sur Vroom ! https://www.numerama.com/vroom/vroom//
L'article Écriture inclusive : une extension pour navigateur facilite l’usage des points médians est apparu en premier sur Numerama .
Chrome and Edge want to help with that password problem of yours
news.movim.eu / ArsTechnica · Friday, 22 January, 2021 - 12:45
If you’re like lots of people, someone has probably nagged you to use a password manager and you still haven’t heeded the advice. Now, Chrome and Edge are coming to the rescue with beefed-up password management built directly into the browsers.
Microsoft on Thursday announced a new password generator for the recently released Edge 88. People can use the generator when signing up for a new account or when changing an existing password. The generator provides a drop-down in the password field. Clicking on the candidate selects it as a password and saves it to a password manager built into the browser. People can then have the password pushed to their other devices using the Edge password sync feature.
As I’ve explained for years, the same things that make passwords memorable and easy to use are the same things that make them easy for others to guess. Password generators are among the safest sources of strong passwords. Rather than having to think up a password that’s truly unique and hard to guess, users can instead have a generator do it properly.
Up to 3 million devices infected by malware-laced Chrome and Edge add-ons
news.movim.eu / ArsTechnica · Wednesday, 16 December, 2020 - 19:58
As many as 3 million people have been infected by Chrome and Edge browser extensions that steal personal data and redirect users to ad or phishing sites, a security firm said on Wednesday.
In all, researchers from Prague-based Avast said they found 28 extensions for the Google Chrome and Microsoft Edge browsers that contained malware. The add-ons billed themselves as a way to download pictures, videos, or other content from sites including Facebook, Instagram, Vimeo, and Spotify. At the time this post went live, some, but not all, of the malicious extensions remained available for download from Google and Microsoft.
Google promet que les onglets dans Chrome vont se charger jusqu’à 10 % plus vite
news.movim.eu / Numerama · Tuesday, 25 August, 2020 - 16:40
La nouvelle version de Google Chrome, numérotée 85, contient des améliorations dans la gestion des onglets, notamment sur leur vitesse de chargement. [Lire la suite]
Abonnez-vous à notre chaîne YouTube pour ne manquer aucune vidéo !
L'article Google promet que les onglets dans Chrome vont se charger jusqu’à 10 % plus vite est apparu en premier sur Numerama .