fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google Chrome’s New Feature Lets You Easily Share Selected Text

Google Chrome’s New Feature Lets You Easily Share Selected Text

Google makes it easy to share text with friends and colleagues with a new Chrome 90 feature that lets you create links to selected text on a web page.

This new feature is rolling out now in Chrome 90 and is built on top of Google’s “Scroll-To-Text using a URL fragment” feature that they introduced earlier this year and is only available in Chrome.

Also Read: Compliance Course Singapore: Spotlight On The 3 Offerings

To create a link to selected text, simply highlight the text you want to link to and right-click on it. This will open a context menu that displays a “Copy link to highlight” option, as shown below.

Google Chrome copy link to highlight option
Google Chrome copy link to highlight option

When you click on the ‘Copy link to highlight’ option, Google Chrome will create a link to the text in the form of a text fragment URL, as shown by the URL below.

https://www.bleepingcomputer.com/news/google/google-chrome-90-released-with-https-as-the-default-protocol/#:~:text=NAT%20Slipstreaming%20attacks%20abuse%20a%20router%27s%20Application%20Level%20Gateway%20(ALG)%20feature%20to%20gain%20access%20to%20any%20port%20on%20an%20internal%20network%2C%20potentially%20allowing%20threat%20actors%20to%20gain%20access%20to%20services%20that%20are%20normally%20secured%20by%20the%20router.

If you paste that URL into a Google Chrome address bar and press enter, it will automatically open the page, scroll to the text you are sharing, and highlight it as shown below:

Text that is linked to becomes highlighted
Text that is linked to becomes highlighted

This feature is a great way to share specific text from a webpage with people. For example, if you are trying to share instructions on fixing something or pointing out a particular recipe on a page, you can now link to and highlight specific text for another person.

Also Read: Considering Enterprise Risk Management Certification Singapore? Here Are 7 Best Outcomes

However, Brave Browser security researcher Peter Snyder raised concerns that this feature could allow an attacker to determine if the text appears on a page.

“For example: Consider a situation where I can view DNS traffic (e.g. company network), and I send a link to the company health portal, with #:~:text=cancer. On certain page layouts, i might be able tell if the employee has cancer by looking for lower-on-the-page resources being requested.”

Snyder further illustrated how people could use it to detect whether a person is friends or follows someone on Facebook and Twitter.

“Besides the #:~:text=cancer example, I’m certain the same approach could be used to figure out if you’re Facebook friends with someone twitter.com#:~:text=@handle or many many other things.

The root of all these issues is that this is a SOP violation, where a separate origin can control the initial state of an unrelated origin. As long as that’s in place, there will be all sorts of sneaking-information-across-origins related-attacks possible.”

While Brave Browser ultimately enabled this feature, they made some changes so that the “scroll only happens when a web page is/becomes visible which ensures a page can’t scroll to anything without the user knowing.”

As this feature is currently rolling out to Chrome 90 users, it may not work for everyone as of yet.

If the feature is not enabled in your browser, you can enable it by going to chrome://flags/#copy-link-to-text in Chrome 90 and enabling the ‘Copy Link To Text’ feature.

Once you enable the feature, restart Chrome when prompted, and the ‘Copy Link To Text’ feature will now be enabled.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us