fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google Just Gave Millions Of Users A Reason To Quit Chrome

Google Just Gave Millions Of Users A Reason To Quit Chrome

Google has been reinventing Chrome recently, but the company has also just revealed a powerful reason you should quit and move to a rival browser. 

In a bold new report (via ZDNet), Google engineers have revealed that “unsafe” code within Chrome is responsible for 70% of its security vulnerabilities and 125 of the 130 “critical” bugs found in the browser over the last year. 

05/28 Update: expanding upon this story, it is important to note that Microsoft is already working on improving the C and C++ code code in its Chromium-based Edge browser with Project Verona, code inspired by Rust (detailed below). Speaking with ZDNet earlier this month, Microsoft states C and C++ have “reached a wall [and] We can’t really do much more than we already have. It’s becoming harder and harder and more and more costly to address these issues over time.” Discussing its decision, Microsoft said: “We need to look out to the industry to see what the best alternative to C++ is. And it turns out that language is a language called Rust. We’re looking to adopt that language to make our system software at Microsoft more safe and reliable.” Despite Edge being based on Google’s Chromium source code, Microsoft’s proactive decision has the potential to give Edge a head-start against Chrome, though Firefox still has a clear first mover advantage.

The engineers specifically lay the blame on C and C++, 48 and 35-year-old programming languages respectively, which “don’t come with restrictions or warnings to prevent or alert developers when they’re making basic memory management errors. These early coding errors result in memory management vulnerabilities being introduced in applications.” 

And this is a big deal. Memory management flaws are the most highly prized vulnerability by hackers, coming first, fifth and seventh in the top 10 list of dangerous vulnerabilities by Mitre, the non-profit organization which manages the US government’s database of software vulnerabilities. 

But it doesn’t have to be this way. While all Chromium-based browsers (Microsoft Edge, Opera, Brave, etc) are built on the same code and therefore subject to the same weaknesses, one alternative stands out: Firefox. Unlike Chromium browsers, Firefox makes use of Rust, a safety-focused programming language which is specifically designed to be memory safe

Firefox creator Mozilla developed Rust and has been integrating it into Firefox over the last three years. Now Google states it is looking at Rust, along with Swift, JavaScript, Kotlin and Java as programming languages to replace the C and C++ code in Chrome. The company is also working on custom C++ libraries after admitting that its strategy of sandboxing “has reached its maximum benefits when taking performance into account.”

It is to Google’s credit that it is now looking to address the memory unsafety problem at the heart of Chrome and Chromium “by any and all means necessary”, but there is no timeline on how long this will take or how it will be done with the company still weighing up its options. In the meantime, for those looking for a browser three years further down the line, Firefox looks like a good bet. 

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us