Cyber Security

Fake browser crash alerts turn Chrome extension into enterprise backdoor

Fake browser crash alerts turn Chrome extension into enterprise backdoor

Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user install from an official and nominally safe online marketplace can escalate into full remote access. Huntress researchers found that it downloads a previously undocumented Windows remote access trojan (RAT) onto domain-joined machines, which are “typically corporate … More

The post Fake browser crash alerts turn Chrome extension into enterprise backdoor appeared first on Help Net Security.

Read More

Related Posts

When the Olympics connect everything, attackers pay attention

When the Olympics connect everything, attackers pay att...

OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans

OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults...

Keepnet bets on agentic AI behavioral training to curb security mistakes

Keepnet bets on agentic AI behavioral training to curb ...

Global tensions are pushing cyber activity toward dangerous territory

Global tensions are pushing cyber activity toward dange...

DevOps & SaaS Downtime: The High (and Hidden) Costs for Cloud-First Businesses

DevOps & SaaS Downtime: The High (and Hidden) Costs for...

Law enforcement tracks ransomware group blamed for massive financial losses

Law enforcement tracks ransomware group blamed for mass...