With Manifest V3, Google wants to make extensions safer by prioritizing privacy, but was initially criticized for the impact on ad blockers. The Chrome team has since added new features in response and plans to begin disabling old Manifest V2 extensions in 2024.
Resuming the transition to Manifest V3
https://developer.chrome.com/blog/resuming-the-transition-to-mv3
ICYMI
uBO Lite (uBOL) is a *permission-less* MV3-based content blocker from the uBlock Origin project.
https://chrome.google.com/webstore/detail/ublock-origin-lite/ddkjiahejlhfcafbddmgiahcphecmpfh
Scammers have started sending spam texts to people in the US from spoofed phone numbers, delivered as end-to-end encrypted RCS messages rather than SMS, which poses a new security concern.
https://www.androidpolice.com/rcs-spam-united-states/
Google Messages has implemented effective spam filtering for these messages, but it is important to remain cautious and skeptical of suspicious texts, even if they appear as encrypted RCS chats. End-to-end encryption only protects the message in transit; it says nothing about who the sender is or whether the content is legitimate, so the "encrypted" label is not a trust signal.
Tuta Mail has been called a honeypot by a Canadian ex-spy who is on trial for leaking sensitive Five Eyes information to criminals.
Read Tuta's full statement:
meanwhile:
Australia's largest ports operator, DP World Australia, is set to keep its sites closed for days as it recovers from a cyber-attack.
Operations at its container terminals in Melbourne, Sydney, Brisbane and Perth have been suspended since Friday.
On Monday, Ports Australia, which represents authorities and companies in the industry, said "The current disruption is isolated to DP World terminals."
Ports Australia Clarifies Misinformation
https://www.portsaustralia.com.au/blog/ports-australia-clarifies-misinformation
Making Search Engines Safe For Kids with Control D
Control D has its own Safe Search setting, found under the Profile Options section. Turning it on forces Safe Search on for every search engine that offers one and blocks the engines that don't. Because this is enforced at the DNS level rather than in the browser, it applies to every device using the Control D resolver and is harder for kids to circumvent than a browser setting; the caveat is that it only holds as long as the device keeps using that resolver.
https://blog.controld.com/making-search-engines-safe-for-kids-with-control-d
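The way a DNS-level Safe Search enforcer like the one described works is that queries for a search engine's normal hostname are answered with the engine's SafeSearch-only host, and engines with no such host are blocked outright. The script below, an added example and not Control D's own code, audits whether the resolver a device is currently using actually does that. The engine-to-SafeSearch-host mapping uses the hosts the engines themselves publish; the resolver function is injectable, and the `CONSTRUCTED_ANSWERS` table is made-up sample data so the check can be exercised offline.

```python
"""Audit whether the active DNS resolver enforces Safe Search.

Added example (not Control D's code). For each engine, 'enforced' means the
engine's normal hostname resolves only to addresses of its SafeSearch host,
'blocked' means it resolves to nothing or to a sinkhole address, and 'open'
means it resolves normally (Safe Search not enforced at DNS level).
"""
import socket
from typing import Callable, Dict, List, Optional

# Engine hostname -> host that serves only SafeSearch results (vendor-published).
SAFESEARCH_HOSTS = {
    "www.google.com": "forcesafesearch.google.com",
    "www.bing.com": "strict.bing.com",
    "duckduckgo.com": "safe.duckduckgo.com",
    "www.youtube.com": "restrict.youtube.com",
}

# Addresses a blocking resolver commonly hands out instead of NXDOMAIN.
BLOCK_ADDRESSES = {"0.0.0.0", "::", "127.0.0.1", "::1"}

# name -> list of addresses, or None when the name does not resolve.
Resolver = Callable[[str], Optional[List[str]]]


def system_resolver(name: str) -> Optional[List[str]]:
    """Resolve through the OS stub resolver, i.e. whatever DNS the network set."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return None
    return sorted({info[4][0] for info in infos})


def classify(engine: str, resolve: Resolver) -> str:
    """Return 'enforced', 'blocked' or 'open' for one search engine hostname."""
    answers = resolve(engine)
    if not answers or set(answers) <= BLOCK_ADDRESSES:
        return "blocked"
    safe_host = SAFESEARCH_HOSTS.get(engine)
    if safe_host is None:
        return "open"  # no SafeSearch host exists; only blocking is possible
    safe_answers = resolve(safe_host) or []
    # Enforced when every address given for the engine belongs to its SafeSearch host.
    if safe_answers and set(answers) <= set(safe_answers):
        return "enforced"
    return "open"


def audit(engines: List[str], resolve: Resolver = system_resolver) -> Dict[str, str]:
    return {engine: classify(engine, resolve) for engine in engines}


# Constructed sample answers (TEST-NET addresses, not real DNS data) for offline use.
CONSTRUCTED_ANSWERS = {
    "www.google.com": ["192.0.2.10"],
    "forcesafesearch.google.com": ["192.0.2.10"],       # same address -> enforced
    "www.bing.com": ["192.0.2.20"],
    "strict.bing.com": ["192.0.2.21"],                   # different address -> open
    "www.youtube.com": ["192.0.2.30"],
    "restrict.youtube.com": ["192.0.2.31", "192.0.2.30"],  # subset -> enforced
    "duckduckgo.com": ["0.0.0.0"],                       # sinkholed -> blocked
    "search.brave.com": None,                            # NXDOMAIN -> blocked
}


def constructed_resolver(name: str) -> Optional[List[str]]:
    return CONSTRUCTED_ANSWERS.get(name)


if __name__ == "__main__":
    # Against the real network the system resolver is used; here the constructed one.
    for engine, status in audit(list(SAFESEARCH_HOSTS) + ["search.brave.com"],
                                constructed_resolver).items():
        print(f"{engine:28} {status}")
```

Run it with the default `system_resolver` on the child's device to see what the network actually enforces; anything reported as `open` is reachable with Safe Search off.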
While monitoring telemetry associated with two prominent Chinese APT groups, Unit 42 identified malicious Chinese APT infrastructure masquerading as cloud backup services. A complete report on the threat actors' activities has been published, with detailed information about the compromise of Cambodian government entities and the infrastructure involved.
https://unit42.paloaltonetworks.com/chinese-apt-linked-to-cambodia-government-attacks/
Sensitive health information donated for medical research by half a million UK citizens has been shared with insurance companies despite a pledge that it would not be.
Private UK health data donated for medical research shared with insurance companies
The threat group known as Anonymous Sudan claimed that they were the ones who took down Cloudflare's website in a distributed denial-of-service (DDoS) attack.
Anonymous Sudan (aka Storm-1359) also claimed a DDoS attack that took down OpenAI's ChatGPT bot on Wednesday
(via their Telegram channel)
Cloudflare confirmed that the outage resulted from a DDoS attack that only affected the www.cloudflare.com website without impacting other products or services.
Firefox Desktop has fixed its blob URL leak; the browser now passes all of the https://PrivacyTests.org state partitioning (cross-site data leak) tests, and the fix has propagated to LibreWolf as well.
Firefox and LibreWolf join Brave, Mullvad, and Tor Browser in having no leaks of data between websites. Firefox's Gecko browser engine thus becomes the first of the three major browser engines (Gecko, WebKit, Chromium) to have a clean bill of health on cross-site data leaks on desktop.
Mullvad Encrypted DNS servers to run in RAM
Primarily as a service to be used when not connected to our VPN servers, this service is completely cost-free, and available to anyone that wishes to have a trustworthy, audited Encrypted DNS service with optional content blocking.
http://github.com/mullvad/dns-blocklists
This service is available from servers located worldwide, and can be configured by using the following guide on our website.
https://mullvad.net/help/dns-over-https-and-dns-over-tls/
https://mullvad.net/en/blog/moving-our-encrypted-dns-servers-to-run-in-ram
Check
New breach: Chess.com had over 800k user records scraped this week and published to a popular hacking forum. The data included email address, name, username and the geographic location of the user. 99% of the email addresses were already in Have I Been Pwned.
Mate
https://www.hackread.com/hacker-leaks-scraped-chess-com-user-records/
The scraped Chess.com data was leaked on Breach Forums on November 8th, 2023 by a threat actor operating under the alias ‘DrOne.’
Signal Messenger Testing Usernames to Replace Phone Numbers
Read more:
https://restoreprivacy.com/signal-messenger-testing-usernames-to-replace-phone-numbers/
Anyone using Discord to host files will want to change that, as links to those files will begin to refresh every 24 hours by the end of this year. The company told Bleeping Computer that doing so will help the company fight malware spreading on its platform since that gives it more ability to “restrict access to flagged content.”
Google is rolling out an "Independent security review" badge in the Play Store's Data safety section for Android apps that have undergone a Mobile Application Security Assessment (MASA) audit.
"We've launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps handle," Nataliya Stanetsky of the Android Security and Privacy Team said.
https://security.googleblog.com/2023/11/more-ways-for-users-to-identify.html
AI cameras took over one small American town. Now they're everywhere.
Hundreds of docs show how Fusus brings usually separate camera feeds (doorbells, CCTV, drones) into one central hub for cops and adds AI to them. Object recognition, "people" more
https://www.404media.co/fusus-ai-cameras-took-over-town-america/
this is genius
Hiding your crypto wallet keys in a VHS copy of The Wizard of Oz or a copy of Perfect Dark for the Nintendo 64
The method is explained in a video by Adam Clegg
Create a QR code for the crypto key, then use an S-VHS recorder to insert it into a Wizard of Oz tape. Play the tape, reach the part where the QR code appears on screen, scan it with your phone and there's the key. Note that this is concealment, not encryption: the QR code carries the key in the clear, so anyone who finds the tape and plays it through has the wallet.
…genius.
Boeing acknowledges cyberattack on parts and distribution biz
Won't say if it's LockBit, but LockBit appears to have claimed credit. Maybe payment, too
'Elektra-Leak' Attackers Harvest AWS Cloud Keys in GitHub Campaign
Cyber adversaries are scanning public GitHub repositories in real time, evading Amazon's quarantine controls, and harvesting AWS keys.
https://www.darkreading.com/cloud/elektra-leak-attackers-harvest-aws-cloud-keys-github-campaign
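The practical defence against this campaign is to catch keys before they reach a public repository, and to rotate any key that has ever been public; AWS's automatic quarantine policy is applied only after the key is already exposed and restricts only a subset of actions. Below is an added example, not code from the article or from AWS, of a pre-push scanner for the AWS key formats AWS itself documents: 20-character access key IDs starting with `AKIA` (long-lived IAM user keys) or `ASIA` (temporary STS keys), and 40-character secret keys, which are only reported when they sit near an access key ID and clear an entropy floor. The `SAMPLE` text is constructed, using AWS's published non-functional example credentials; the entropy threshold and the line window are tunable heuristics.

```python
"""Scan text about to be pushed (a diff, a file, a CI log) for AWS credentials.

Added example, not from the article or AWS. Git SHA-1 hashes are 40 hex
characters and would otherwise match the secret-key pattern, so all-hex
candidates are skipped.
"""
import math
import re
from collections import Counter
from typing import Dict, List

ACCESS_KEY_RE = re.compile(r"\b((?:AKIA|ASIA)[0-9A-Z]{16})\b")
# 40 chars from the base64-like alphabet AWS uses, not embedded in a longer run.
SECRET_KEY_RE = re.compile(r"(?<![A-Za-z0-9/+])([A-Za-z0-9/+]{40})(?![A-Za-z0-9/+])")
HEX40_RE = re.compile(r"[0-9a-fA-F]{40}")


def shannon_entropy(s: str) -> float:
    """Bits per character; random 40-char secrets score well above 4, words and hex below."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def scan(text: str, window: int = 3, min_entropy: float = 4.0) -> List[Dict[str, object]]:
    """Return one finding per access key ID, paired with any secret key found
    within `window` lines of it. A secret on its own is too ambiguous to report."""
    lines = text.splitlines()
    findings: List[Dict[str, object]] = []
    for i, line in enumerate(lines):
        for m in ACCESS_KEY_RE.finditer(line):
            key_id = m.group(1)
            finding: Dict[str, object] = {
                "line": i + 1,
                "access_key_id": key_id,
                "kind": "temporary" if key_id.startswith("ASIA") else "long-lived",
                "secret_key": None,
            }
            lo, hi = max(0, i - window), min(len(lines), i + window + 1)
            for j in range(lo, hi):
                for s in SECRET_KEY_RE.finditer(lines[j]):
                    cand = s.group(1)
                    if HEX40_RE.fullmatch(cand):          # git commit hash, not a secret
                        continue
                    if shannon_entropy(cand) < min_entropy:  # tunable false-positive cut
                        continue
                    finding["secret_key"] = cand
                    finding["secret_line"] = j + 1
            findings.append(finding)
    return findings


# Constructed sample: a .env committed by mistake, using AWS's documented
# non-functional example credentials, followed by a commit hash that must not match.
SAMPLE = """\
# .env (constructed sample, fake values)
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
commit 3f786850e387550fdab836ed7e6dc881de23001b
"""

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"line {f['line']}: {f['kind']} key {f['access_key_id']} "
              f"secret={'present' if f['secret_key'] else 'not found'}")
```

Wire it into a pre-commit or pre-push hook over `git diff --cached` and fail the push on any finding; a key that trips the scanner in CI after the push is already compromised and must be rotated, not just removed from the repository.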
Earlier this week, ServiceNow announced on its support site that misconfigurations within the platform could result in "unintended access" to sensitive data.
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1553688
For organizations that use ServiceNow, this security exposure is a critical concern that could have resulted in major data leakage of sensitive corporate data. ServiceNow has since taken steps to fix this issue.
https://www.theregister.com/2023/10/26/servicenow_data_exposure_flaw/
Hackers Abusing OAuth Token To Take Over Millions Of Accounts
OAuth implementation flaws have been reported in three major services: Grammarly, Vidio, and Bukalapak.
OAuth is an authorization framework (work on it began in 2006; OAuth 2.0 was standardised in 2012). Many sites build passwordless sign-in on top of it, often via OpenID Connect, using accounts at Facebook, Twitter, or Google. The security of that sign-in rests entirely on the site verifying that the token it receives was issued to it, for the user it is about to log in.
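The check the paragraph above describes, shown as an added illustration that is not code from Grammarly, Vidio, Bukalapak or any identity provider and does not reproduce the reported bugs: a site's backend receives an access token from the browser, asks the identity provider what the token is good for, and must refuse it unless it was issued to this site. The vulnerable form trusts any live token; the hardened form checks the client the token was issued to. The introspection call is injectable, the answers in `CONSTRUCTED_IDP` are made up and use the RFC 7662 field names (`active`, `client_id`, `sub`, `scope`), and `OUR_CLIENT_ID` and `REQUIRED_SCOPE` are assumed values. Facebook's debug_token and Google's tokeninfo endpoints report the same facts under other names.

```python
"""The audience check a relying party must make on a social-login token.

Added illustration, not code from any of the named services or IdPs.
"""
from typing import Callable, Dict

OUR_CLIENT_ID = "example-app-123"   # assumed: the id the IdP assigned to this site
REQUIRED_SCOPE = "email"            # assumed: scope the site relies on to identify the user

Introspect = Callable[[str], Dict[str, object]]


class OAuthError(Exception):
    pass


def login_vulnerable(token: str, introspect: Introspect) -> str:
    """Log in whoever the token names, as long as the IdP says it is live.
    A token the user granted to a *different* app (or that a malicious app
    obtained from the user) is accepted here too: pass-the-token."""
    info = introspect(token)
    if not info.get("active"):
        raise OAuthError("token is not active")
    return str(info["sub"])


def login_hardened(token: str, introspect: Introspect,
                   expected_client_id: str = OUR_CLIENT_ID) -> str:
    """Same flow, but only tokens issued to this site, carrying the scope it
    relies on and naming a subject, are accepted."""
    info = introspect(token)
    if not info.get("active"):
        raise OAuthError("token is not active")
    if info.get("client_id") != expected_client_id:
        # The audience check: the user authorised some other app, not us.
        raise OAuthError("token was issued to a different client")
    if REQUIRED_SCOPE not in str(info.get("scope", "")).split():
        raise OAuthError("token lacks the scope this login relies on")
    if not info.get("sub"):
        raise OAuthError("token carries no subject")
    return str(info["sub"])


# Constructed IdP answers for three tokens (none are real tokens).
CONSTRUCTED_IDP: Dict[str, Dict[str, object]] = {
    "tok-ours": {"active": True, "client_id": OUR_CLIENT_ID,
                 "sub": "user-42", "scope": "openid email"},
    "tok-other": {"active": True, "client_id": "some-other-app",
                  "sub": "user-42", "scope": "openid email"},
    "tok-dead": {"active": False},
}


def constructed_introspect(token: str) -> Dict[str, object]:
    """Stand-in for the IdP's introspection endpoint; unknown tokens are inactive."""
    return CONSTRUCTED_IDP.get(token, {"active": False})


def rejects(login: Callable[[str, Introspect], str], token: str,
            introspect: Introspect = constructed_introspect) -> bool:
    """True if the given login function refuses the token."""
    try:
        login(token, introspect)
    except OAuthError:
        return True
    return False


if __name__ == "__main__":
    print("vulnerable accepts token issued to another app:",
          not rejects(login_vulnerable, "tok-other"))
    print("hardened accepts token issued to another app:  ",
          not rejects(login_hardened, "tok-other"))
```

The same rule applies to the authorization-code flow: an authorization code or ID token is only valid for the client it was issued to, so the `aud` claim of an ID token (or the app id returned by the provider's token-debug endpoint) must equal the site's own client id before the subject is trusted.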
E = Mc2 - Energy Milk Coffee
Fáilte Abhaile (Welcome home) 🏴 "a nod's as guid as a wink tae a blind horse"
ta be aff yer heid helps