Malicious Extension Abuses Chrome Sync To Steal Users’ Data The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions. Google’s infrastructure is also up for misuse as a command-and-control (C2) communication channel to exfiltrate the stolen data to attacker-controlled servers as security consultant Bojan Zdrnja discovered. Chrome
Windows 10 April Updates Remove Microsoft Edge Legacy Permanently Microsoft has announced today that Microsoft Edge Legacy will be permanently removed and replaced with the new Microsoft Edge after installing April’s Windows 10 Patch Tuesday security update. “To replace this out of support application, we are announcing that the new Microsoft Edge will be available as part of the Windows
SitePoint Discloses Data Breach After Stolen Info Used In Attacks The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum. SitePoint is a website launched in 1999 that offers content and a community devoted to web professionals and developers. The
Microsoft Warns Of Increasing OAuth Office 365 Phishing Attacks Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned. These attacks were part of two campaigns that ran between September and December 2020, targeting victims in multiple recurring waves. One of the two
Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.
Singapore
7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987
