Tag: Chrome | SpinSafe

Google Chrome is getting a paid version with top-notch security features

April 12, 2024/in Mobile Security

What you need to know

Google is revamping Chrome for businesses with Chrome Enterprise Premium, offering advanced security features for a monthly fee.
Chrome Enterprise Premium offers both a paid and free version. The paid version emphasizes enhanced security features such as data loss prevention and deep malware scans.
Chrome Enterprise Premium employs context-aware access controls to identify and mitigate potential data leaks, even from unauthorized apps.

Google is giving Chrome a security makeover for businesses. Called Chrome Enterprise Premium, it adds a bunch of advanced security features for those willing to pay monthly.

Google has been using enterprise Chrome for a while, allowing IT admins to control things like browser settings and the apps enterprise users use. Chrome Enterprise also offers data protection, malware guards, and phishing protection.

At $6 a month per user, Chrome Enterprise Premium beefs up security even more, recognizing that browsers are now where the big work goes down.

As users worldwide tap into Chrome on their phones and work devices and deal with various software versions and platforms, Google’s got their back. Chrome Enterprise Premium offers a bunch of tools to keep things locked down tight at every step.

Chrome Enterprise Premium comes in two flavors: Core, which is free, and Premium. Google is pitching this version as a web browser that doubles down on online safety, performing deep malware scanning, stopping data leaks in their tracks, and even letting you filter URLs based on what kind of websites they are.

However, the paid and free Chrome Enterprise versions have some big differences. The Premium tier provides data loss prevention and deep malware scans, but the Core (free) doesn’t. But even with Core, you still get basic stuff like phishing and malware protection.

There’s some sort of AI magic in there, too, with Google saying it’s using artificial intelligence to tackle malware and phishing head-on.

Chrome Enterprise Premium doesn’t stop there—it kicks Zero Trust up a notch with context-aware access controls. This means it can sniff out potential data leaks,…

Source…

Serious New Warning Issued for 1 Billion Google Chrome Users

April 4, 2024/in Internet Security

If you’re one of Chrome’s billion-plus desktop users, there’s a devious threat to your personal data and login credentials that’s now getting worse. Google has plans to fix it, but in the meantime you have just been warned to beware the risks…

New Chrome update masks a serious warning for Windows users

Jaap Arriens/NurPhoto

Cookies get a bad press—these devilish little tracking files on your PC have a nasty habit of following you around the Internet, reporting back on your activity. Google’s long-delayed killing of such third-party trackers is now underway and long overdue.

But those tracking cookies have helpful little cousins, first-party cookies, that recognize your device as belonging to you, and log you back into accounts and websites as an accreditation shortcut—otherwise you’d spend your day logging in.

All very good—unless they’re stolen of course.

“Many users across the web are victimized by cookie theft malware,” Google warns, “giving attackers access to their web accounts. Operators of Malware-as-a-Service (MaaS) frequently use social engineering to spread cookie theft malware.”

Google’s warning comes as part of a proposed update to its Chrome desktop browser to address this, acknowledging that while “fundamental to the modern web… due to their powerful utility, cookies are also a lucrative target for attackers.”

This is mainly a desktop challenge, and Google’s smart answer is to bind such cookies to the user’s device, rendering them useless if stolen absent access to that original device itself. “We’re prototyping a new web capability called Device Bound Session Credentials (DBSC) that will help keep users more secure against cookie theft… By binding authentication sessions to the device, DBSC aims to disrupt the cookie theft industry since exfiltrating these cookies will no longer have any value.”

Put Google’s new beta update to one side for now—take this as a warning to be aware of the risks and to keep those risks in mind—especially when logging into financial sites or enterprise systems belonging to the…

Source…

Google Chrome to get real-time phishing protection

March 15, 2024/in Computer Security

Google will bring real-time malware protection and phishing protection to all Chrome users in an update later this month.

The update from Google is expected later this month and will come with an opt-in for enhanced browsing protection mode.

Currently the safe browsing standard uses a local list against which sites, downloads, and extensions are checked. This list is downloaded every 30 to 60 minutes from Google’s servers. However, with the update Google plans to switch to real-time checks against ist server-side list to keep up with malicious websites that surface and disappear in under 10 minutes.

This improved time is expected to block 25% more phishing attempts, Google shared in a blog post.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

The new capability will also be rolling out to Android later this month. Google says the feature uses encryption and other privacy enhancing techniques ensuring user privacy.

Source…

Beware of this ‘dangerous’ Chrome app that can automatically steal your passwords and photos

February 27, 2024/in Computer Security

A team of researchers have found malware that, once installed on any Android device, can automatically steal users’ data like photos, passwords and chats. It is a new variant of MoqHao (also referred to as Wroba and XLoader), which is a well-known Android malware family. Recently, the McAfee Mobile Research Team found that MoqHao has begun distributing this ‘new dangerous’ variant via SMS links.

What makes this malware dangerousAccording to the report, the hackers send a link to download the malicious app via SMS. While a typical MoqHao malware requires users to install and launch the app, this variant requires little execution from the users’ side. When the app is installed, hackers’ malicious activity starts automatically.

The malware disguises itself as ‘Chrome’ that can fool Android users into downloading the app. Once downloaded, the malware requests users to set itself as the default SMS app with prompts in various languages like Hindi, English, French, Japanese and German.

“Also, the different languages used in the text associated with this behaviour suggests that, in addition to Japan, they are also targeting South Korea, France, Germany, and India,” McAfee said.

How this malware worksThe hackers use social engineering techniques to convince users to set this malicious app as the default app. They show messages just like the way a legitimate app would flash. This message is fake and is used to make users believe that they have downloaded a legitimate app.

How to spot the malware-laden Chrome app
This app has an italic ‘r’ and asks users to let the app always run in the background. Google Chrome doesn’t ask for such permission. Furthermore, any link that comes via an SMS is a red flag and must not be clicked.

McAfee said that the company has already reported this technique to Google and the company is “already working on the implementation of mitigations to prevent this type of auto-execution in a future Android version.”

Expand

The Google Chrome app is available to download from Google Play Store and it is advised that users download all apps from the official store. Android users are protected by Google Play Protect, which is on by default on Android devices with…

Source…

Tag Archive for: Chrome

What you need to know