fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google Chrome 90 Released With HTTPS As The Default Protocol

Google Chrome 90 Released With HTTPS As The Default Protocol

Google has released Chrome 90 today, April 14th, 2021, to the Stable desktop channel, and it includes security improvements, a new AV1 encoder, and the default protocol changed to HTTPS.

Chrome 90 fixes 37 security bugs, including a zero-day used at the Pwn2Own competition and publicly released Monday on Twitter.

Originally scheduled for release yesterday, it is believed Google pushed it back a day to fix the zero-day vulnerability.

Today, Google promoted Chrome 90 to the Stable channel, Chrome 91 as the new Beta version, and Chrome 92 will be the Canary version.

Windows, Mac, and Linux desktop users can upgrade to Chrome 90 by going to Settings -> Help -> About Google Chrome. The browser will then automatically check for the new update and install it when available.

Also Read: PDPA Compliance Singapore: 10 Areas To Work On

HTTPS is now the default protocol

With the release of Chrome 90, any URL entered in the address bar that does not contain a protocol (https:// or https://) will automatically be considered to be an HTTPS connection.

For example, if you type example.com in the address bar and press entered, Google Chrome previously would attempt to connect to the URL using the http:// protocol.

With Chrome 90, Google has switched the default protocol to https:// to increase security while browsing the web. Furthermore, as many sites redirect HTTP connections to HTTPS connections, this new default will increase performance as browsers will no longer be redirected.

Illustrating the Google Chrome's change of default protocol
Illustrating Google Chrome’s change of default protocol

However, there are some exceptions to this new rule.

In a blog post announcing this feature, Google noted that “IP addresses, single label domains, and reserved hostnames such as test/ or localhost/ will continue defaulting to HTTP.”

This feature is currently rolling out to Chrome users, so it may not be available to everyone as of yet.

Continued NAT Slipstreaming protection

Chrome 90 includes additional protection from NAT Slipstreaming attacks by blocking FTP, HTTP, and HTTPS connected on port 554.

NAT Slipstreaming attacks abuse a router’s Application Level Gateway (ALG) feature to gain access to any port on an internal network, potentially allowing threat actors to gain access to services that are normally secured by the router.

This port was previously blocked to prevent attacks but was opened again after Google received complaints from developers.

After performing further analysis of this port, Google has determined that it is used for only approximately 0.00003% of all requests.  Due to its low usage, Google is once again blocking it.

Google Chrome gets an AV1 Encoder

With Chrome 90, Google now includes an AV1 encoder to increase performance in videoconferencing software using WebRTC.

Google states that the benefits of the AV1 Encoder are:

  • Better compression efficiency than other types of video encoding, reducing bandwidth consumption and improve visual quality
  • Enabling video for users on very low bandwidth networks (offering video at 30kbps and lower)
  • Significant screen sharing efficiency improvements over VP9 and other codecs.

Google Tab Search continues to roll out

Google Chrome Tab Search feature continues to roll out in Chrome 90, with hopefully more users getting it without having to enable it via a flag.

The  Tab Search feature allows you to search through your open tabs among all open browser windows to find a specific page.

If you are like me and have 50+ tabs open at once, trying to find a particular page among all your open browser windows is a major pain.

With Tab Search, you can click on the little down arrow to the right of your tabs and search for a particular keyword found in a page’s title or URL. Tab Search will then display a list of open tabs that match that search keyword and allow you to quickly select and make the the active one.

Google Chrome Tab Search feature
Google Chrome Tab Search feature

Also Read: What Does A Data Protection Officer Do? 5 Main Things

Developer changes in Chrome 90

This release brings numerous new APIs, trials, and changes to Google Chrome. Below we have listed the main developer changes:

  • There’s a new value for the CSS overflow property.
  • The Feature Policy API has been renamed to Permissions Policy.
  • And there’s a new way to implement and use Shadow DOM directly in HTML.
  • Clipboard: read-only files support
  • WebAssembly Exception Handling
  • URL protocol setter: New restrictions for file URLs
  • WebXR Depth API
  • WebXR AR Lighting Estimation

For more details, be sure to check out the Chrome 90 developer changes blog post.

Also Read: The DNC Registry Singapore: 5 Things You Must Know

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us