Massive security vulnerability in browsers detected

Massive security vulnerability in browsers detected

Many browsers have a gap in their security system, meaning that passwords are stored and can be intercepted by hackers, as a researcher expert team recently acknowledged. How does this happen and what can users do to protect their data?

Caching of data

Security researchers at CyberArk Labs have identified a vulnerability in Google’s Chrome browser which apparently also exists in Firefox and Edge. The team claimed that they have succeeded in reading sensitive user data from the working memory. Among other things, account and access data as well as the contents of cookies are apparently visible in plain text without encryption. The tool “ProcessHacker” enabled the security expert team to access the data. Assuming appropriate access to the computer, the discovered vulnerability can basically be exploited at will. According to CyberArk Labs, all browsers that rely on the Chromium engine which is mainly developed by Google are affected. However, other researchers found out that browsers such as Mozilla Firefox that do not use Chromium are also affected. In all popular browsers, it is possible to load passwords stored in the password manager into memory for further attacks. CyberArk said it had informed Google about the vulnerability. According to the team, Google had stated that it would not be desirable to close the data leak because such attacks were outside Chrome’s threat model, as stated in a published rationale. There would be no way for Chrome to defend itself against a malicious attacker if they already have access to the system and can run software with operating system user account privileges. Also, read MyAscension Login.

Security in online transactions 

Security on the internet is always an important issue, specifically for purchases and other transactions. Especially in areas where larger amounts of money are involved, it is necessary that security measures are fulfilled. This also applies to playing in online casinos. Many casino fans do not dare to try out online casinos because they fear that data could be misused, or winnings could be withheld. While the former can be prevented by using security measures such as virus scanners and apps for protection, free comparison portals can help with the second issue. These offer a comprehensive overview of different online casinos and provide information on their seriousness, bonus conditions and the gaming offer, for example the Leovegas NZ Casino Review. In this way, even inexperienced online casino friends can find a suitable provider quickly and free of charge and nothing stands in the way of playing. 

Measures against data theft

Basic measures that everyone should know about are secure passwords which are generated with a password generator and consist of a long combination of letters, numbers and special characters. Furthermore, two-factor authentication can help to trick hackers. Online services use it to check whether it is actually the right user who is trying to log into the account when an unusual login attempt is made. In this case, the service asks for a cell phone password which is sent to the user. So even if a hacker has stolen a password, he cannot access the account because he lacks the cell phone code as a second factor for access. 

Alternative applications

Of course, if there are security holes in the browsers, such measures cannot fully prevent data theft. In this case, the best method is to switch to other browsers which are more secure. Two recommended options are DuckDuckGo and Brave Browser. The former focuses on data protection and user privacy. The search engine does not store IP addresses, does not log information about visitors and only uses cookies to a manageable extent. Overall, DuckDuckGo is a free search engine that scores with clarity, setting diversity and the quality of the search results. Brave Browser, on the other hand, is a secure browser that already uses DuckDuckGo for searching. The browser impresses with fast operation and very good support for modern web standards, while privacy is preserved. Automatic tracking protection is enabled, but Brave also uses its own implementation called Brave Shields for this. Additionally, this technology also blocks advertisements. A combination of the two secure applications Brave Browser and DuckDuckGo offers much more protection than using Google systems like Firefox and Co. Hence, the security measures are a good alternative as long as Google is unwilling to close its security gaps.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.