Cyberbro🥳 Chrome extension IDs will be soon supported in Cyberbro!
Stay tuned 😎
#cti #malicious #detection #ioc #cybersecurity #infosec #malware #cyberhaven #chrome #extension
b̴̨h̷̢̨s̴̡̡̕͡ù̢á̴͘͠r͘͝e̛͠z̨̛̀͢Isn’t this a way to mitigate 0-day vulnerabilities? Enable auto-update for your browser? #cyberhaven #phishing #google #googlechrome
OneLogin had a similar incident a few months ago where an inadvertent Chrome browser extension update took out their entire SSO service for almost two days. At one point they had “all OneLogin engineers working on it”
Seems insane that both attack vectors were related to something most people don’t even use or care about: browser extensions. If you haven’t already, do an audit/cleanup of your browser extensions 😅
Something I learned a while ago was most (if not all) technology service interruptions are either one of two things (or both): a failed process, or human error. Seems like this (and the OneLogin outage) were the latter 😑 🤦♂️
Trevor McLeod
Jukka NiiranenDid you think the "Featured" badge on Chrome Web Store means the browser extension is reasonably secure to install? Well, it didn't stop the 200k users of YesCaptcha assistant from getting infected in the #Cyberhaven incident.
"34 Popular Chrome extensions impacting over 2.6 million users were found to be compromised and manipulated to exfil cookies and user passwords and other data from the browser. Many of the extensions are still live." https://www.extensiontotal.com/cyberhaven-incident-live
Hygiène2SurfDes extensions Google Chrome compromises siphonnent vos données https://whiteandhack.wordpress.com/2024/12/31/des-extensions-google-chrome-compromises-siphonnent-vos-donnees/ #Compromission, #Cyberhaven, #DonnéesPersonnelles, #Extension, #GoogleChrome, #Malveillant, #MiseàJour, #Phishing
MacGenerationLa firme de cybersécurité Cyberhaven se fait pirater son extension Chrome http://dlvr.it/TH4jx0 #cybersécurité #Cyberhaven
La firme de cybersécurité Cyberhaven se fait pirater son extension Chrome
Les employés de la firme de cybersécurité Cyberhaven ont passé un bien mauvais Noël : un pirate a réussi à accéder à leur compte Chrome Web Store et mis en ligne une version vérolée de leur extension de navigateur. Celle-ci était capable de récupérer...
I happen to be talking about #Chrome #malware, which is kind of a hot topic right now - thanks to this incident on the #Cyberhaven browser extension: https://medium.com/extensiontotal/when-chrome-extensions-turn-against-us-the-cyberhaven-breach-and-beyond-9e35e59e1bff
RF Wave#Cyberhaven has revealed their Chrome extension was briefly compromised
Cyberhaven alerted its customers of the breach on Dec 24, 2024. Their admin account for the Chrome store was compromised through phishing, and the attackers published an extension that stole sensitive info from users.
Users are advised to update to latest Cyberhaven Chrome extension, and to rotate credentials
The Threat CodexCyberhaven Extension Compromise
#Cyberhaven
https://secureannex.com/blog/cyberhaven-extension-compromise/
#Cyberhaven
https://secureannex.com/blog/cyberhaven-extension-compromise/
Miguel Afonso Caetano"Hackers have compromised several different companies' Chrome browser extensions in a series of intrusions dating back to mid-December, according to one of the victims and experts who have examined the campaign.
Among the victims was the California-based Cyberhaven, a data protection company that confirmed the breach in a statement to Reuters on Friday.
"Cyberhaven can confirm that a malicious cyberattack occurred on Christmas Eve, affecting our Chrome extension," the statement said. It cited public comments from cybersecurity experts. These comments, said Cyberhaven, suggested that the attack was "part of a wider campaign to target Chrome extension developers across a wide range of companies."
Cyberhaven added: "We are actively cooperating with federal law enforcement.""