Connect with us
Vulnerability in Safari could leak browser history and Google account Vulnerability in Safari could leak browser history and Google account

Security

Vulnerability in Safari could leak browser history and Google account information

Published

on

Users of Apple devices have encountered a serious vulnerability in a proprietary browser. It allows attackers to access your browser history and some Google account information. The vulnerability exists in Safari 15 on all supported platforms, and even in third-party browsers running on iOS 15 and iPadOS 15, as it is related to the IndexedDB framework, which is used in many browsers to store data. It breaks the same-origin principle, which prevents documents and scripts from one location (such as a domain or protocol) from interacting with content from another. As a result, websites with the corresponding code have access to the above information.

Vulnerability in Safari could leak browser history and Google account information

Attackers only know the names of the records, not the values. However, this is enough to get the Google username, find the profile picture, and learn more about the user. The history can also be used to build a rudimentary profile of the sites he likes. As stated, the vulnerability cannot be hidden even in private browsing mode.

According to the source, he reported the problem to Apple on November 28, but the company has not yet fixed it with security patches.

.

Click to comment

Leave a Reply

Your email address will not be published.

Laptops

MSI Unveils Commercial 14 Laptop for the Enterprise Market: Security, Office Functions, and Environmental Care

Published

on

MSI Unveils Commercial 14 Laptop for the Enterprise Market Security

MSI has unveiled a new laptop at Computex – Commercial 14. It is designed for the B2B market, has features for corporate security and remote work. In addition, it is partly made from recycled plastic.

The exact model (or models) of the processors that will be used in Commercial 14 are not named – it is only known that it will be the 13th generation Intel Core i7 chip. Screen diagonal – 14 inches, resolution – FHD + (1920 x 1200).

MSI Unveils Commercial 14 Laptop for the Enterprise Market: Security, Office Functions, and Environmental Care

Among the features of the laptop, we can distinguish the presence of an NFC reader and an e-ID card slot. Thanks to them, an employee of the company will be able to enter the system by attaching (or inserting) his pass card to the computer. The available list of specifications says nothing about Windows Hello support, but above the screen you can see a couple of elements that look like an IR emitter and an IR sensor that can be used to unlock the system in the face.

The keyboard topcase is made from recycled materials (PCR) and over 90% of the packaging is made from recycled paper. This may attract companies claiming to follow a strategy of caring for the environment.

MSI also showcased the Mercedes-AMG Motorsport Stealth 16 performance laptop at Computex, a collaboration with Mercedes-AMG, as well as other models for gaming, work and creativity.

Continue Reading

Security

Microsoft has released a new version of Windows 11: a new widget panel, copying security codes, improved “Settings” and more

Published

on

Microsoft has released a new version of Windows 11 a

Microsoft has released a major functional update for the Windows 11 operating system. It brings an extensive list of innovations and improvements to various aspects of the system.

Microsoft has released a new version of Windows 11: a new widget panel, copying security codes, improved

Windows 11 22H2 Moment 3 (KB5026446) is currently available as an optional update, but these changes will also be included in the mandatory Patch Tuesday in June.

One of the main features is the new look of the widget panel with three columns – with two columns for news and one for widgets. Microsoft has also included animated icons for widgets on the taskbar. Another big change is the ability to copy security codes from notifications, so if you use two-factor authentication and receive notifications via email (or SMS from your phone), you can immediately copy this code to your clipboard.

Microsoft has released a new version of Windows 11: a new widget panel, copying security codes, improved

The Settings app now has a USB4 page where you can manage docking stations and connected devices. There’s also now a Presence Privacy Settings page that gives you more granular control over features like wake up your PC when approached or lock when you leave. There are also additional settings for brightness, touch keyboard. The Accounts page has also been updated to accurately display the available storage for all of a user’s OneDrive subscriptions.

Microsoft has released a new version of Windows 11: a new widget panel, copying security codes, improved

In File Explorer, context menus now support access keys. Accessibility has also been improved, including support for live subtitles in more languages, as well as support for voice access in more English dialects.

Taskbar improvements include displaying VPN status, and in response to user feedback, there is now an option to display seconds on the clock on the taskbar. The update brings an extra layer of protection against phishing and insecure passwords, and adds support for Bluetooth Low Energy Audio.

This is not a complete list of changes that Windows 11 22H2 Moment 3 brings. There are also improvements that are less noticeable to users, as well as a number of bugs, crashes and shortcomings.

Continue Reading

Laptops

Telegram has a vulnerability that allows attackers to use the MacBook’s camera and microphone

Published

on

Telegram has a vulnerability that allows attackers to use the

Google engineer Dan Reva has discovered a vulnerability in Telegram for macOS that allows attackers to use the laptop’s camera and microphone.

The vulnerability allows to inject a dynamic library (Dylib) with a malicious exploit into Telegram on macOS. With it, attackers will be able to record video from a camera with sound and save the file to a hidden folder on a Mac. Moreover, video and audio recording will work even if the corresponding permissions are disabled.

Telegram has a vulnerability that allows attackers to use the MacBook's camera and microphone

This is possible because Telegram for macOS does not use Apple’s built-in Hardened Runtime security mechanism.

Reva reported this issue to the Telegram team in February 2022. But the developers did not get in touch and still have not eliminated the vulnerability.

Continue Reading

Most Popular