Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Bug Alert! To all the Google Chrome users.

Posted By: Ljsingh / Aug 19, 2018 / 

Google chrome user’s privacy in DANGER!!

And here is how why?

 

Google chrome users, update your browser ASAP as the previous versions are vulnerable and hazardous for your privacy and identity.

The previous versions of Google chrome installed on your system are harmful as they contains a dangerous bug through which all your profile information of social media accounts like facebook or instagram can be stolen under your nose. The only solution against this snag is to update your browser ASAP.

 

Imperva an IT security services and products vending company discovered this bug of Google Chrome that when hackers exploits this vulnerability and they can snoop into the profile of facebook. This vulnerability have bugs in the Audio and Video tags which can be exploited.

Blink the Chrome’s web engine developed as the part of the Chromium project is found as the source of the bug as told by the researchers. By exploiting this bug attacker can steal information from the your Facebook profiles.

 

Ron Masas, reacher at Imperva, mentioned in his blog while explaining this bug,

“ The bug in question makes use of the Audio/Video HTML tags to generate requests to a target resource. By monitoring the progress events generated by these requests, it grants visibility into the requested resource is actual size. As we found out, this information can then be used to “ask” a series of yes and no questions about the browser user, by abusing filtering functions available on social media platforms like Facebook.”

 

In order to steal target's information hacker can inject malicious audio and video tags to the website. Now, hacker can lure the target to visit the site. If somehow target got trapped and has a tab with logged with facebook account than things would be easier for the malefactor.

 

Ron Masas also mentioned ,

“When a user visits the bad-actor site, the site injects multiple hidden video or audio tags that request a number Facebook posts the attacker previously published and restricted using different techniques. The attacker can then analyze each request to indicate, for example, the user’s exact age, as it’s saved on Facebook, regardless of their privacy settings.”

 

The information which can be stolen include your profile and all the things mentioned in it such as age, gender, location, likes, and other details.

 

So all the Google Chrome user you know what to do ....

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.