Yazılar

Hackers Target Multiple Companies’ Chrome Extensions in Widespread Campaign

/in /tarafından

Hackers have compromised a variety of companies’ Chrome browser extensions in a series of cyberattacks that began in mid-December, according to affected firms and cybersecurity experts. One confirmed victim, Cyberhaven, a California-based data protection company, revealed the breach in a statement to Reuters on Friday.

“Cyberhaven can confirm that a malicious cyberattack occurred on Christmas Eve, affecting our Chrome extension,” the company said. It referenced cybersecurity experts’ findings, which indicated the breach was part of a broader campaign targeting Chrome extension developers across multiple organizations. The company also confirmed it is cooperating with federal law enforcement authorities in its investigation.

Browser extensions, often used to enhance user experience through features like auto-applying coupons or improving data management, were exploited in this campaign to compromise sensitive data. Cyberhaven’s Chrome extension is specifically designed to help monitor and secure client data across web-based applications.

Jaime Blasco, cofounder of Nudge Security in Austin, Texas, noted that Cyberhaven is not an isolated case. He identified several other compromised extensions, some impacted as early as mid-December. These included extensions related to artificial intelligence and virtual private networks (VPNs), suggesting an opportunistic approach aimed at collecting as much sensitive data as possible from a wide range of sources.

Blasco said, “I’m almost certain this is not targeted to Cyberhaven. If I had to guess, this was just random.”

The geographical reach of the campaign remains unclear. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) declined to comment, referring inquiries to the affected companies. Alphabet, the parent company of Google and maker of the Chrome browser, did not immediately respond to requests for comment.

This incident highlights the vulnerabilities associated with browser extensions and the potential for malicious actors to exploit them for broad data collection efforts. Experts urge developers and users alike to exercise caution and maintain robust security measures for extensions to prevent similar breaches.

 

Japan’s Antitrust Watchdog Expected to Rule Against Google in Search Monopoly Case

/in /tarafından

Japan’s Fair Trade Commission (JFTC) is reportedly set to conclude that Google violated antitrust laws through monopolistic practices in web search services, according to a report by Nikkei Asia. The JFTC is expected to issue a cease and desist order requiring Google to halt such practices.

The investigation, launched in October 2023, aligns with similar actions taken by competition regulators in Europe and other major markets. The JFTC’s focus has been on Google’s dominance in web search services, which is integral to the company’s broader business model.

Google, which has yet to comment on the matter, relies heavily on its Chrome browser to gather user data that enhances its ad-targeting capabilities. This dominance has faced increasing scrutiny globally, with Japan now joining a growing list of jurisdictions taking steps to curb Google’s alleged anticompetitive behavior.

In related developments, the U.S. Department of Justice recently called for Alphabet, Google’s parent company, to divest its Chrome browser. U.S. authorities are pushing for strict measures to dismantle Google’s search monopoly, including a five-year ban on re-entering the browser market.

The JFTC’s anticipated ruling underscores a broader global crackdown on tech giants accused of exploiting market dominance at the expense of fair competition.