- Google Developer Discovers a Critical Bug in Modern Web Browsers
The Google researcher has discovered a severe vulnerability in modern web browsers that could have allowed websites you visit to steal the sensitive content of your online accounts from other websites that you have logged-in the same browser. According to the Jake Archibald, developer advocate for Google Chrome, the vulnerability resides in the way browsers handle cross-origin requests to video and audio files, which if exploited, could allow remote attackers to even read the content of your Gmail or private Facebook messages. According to Archibald, this loophole can be exploited by a malicious website using an embedded media file on its webpage, which if played, only serves partial content from its own server and asks the browser to fetch rest of the file from a different origin, forcing the browser to make a cross-origin request.
Cyber Security Tips: Users are strongly recommended that update your browser with latest version, be careful while using online banking, and avoid clicking on any ads, install antivirus software.
- Popular Flight Tracker Flightradar24 Suffers Data Breach
The world’s most popular flight tracker. Watch aircraft move around the world in real-time on detailed map, get up-to-date flight status & airport information. If you are user then bad news for you. According to the latest report published by hacker news, one of the world’s most popular flight tracking services Flightradar24, has suffered a massive data breach that may have compromised email addresses and hashed passwords for more than 230,000 customers. Without revealing any information about the breach publically via their blog or social media accounts, Flightradar24 started sending out emails earlier this week with a password reset link, asking them to change their passwords.
Cyber Security Tips: Users are strongly recommended that change your password immediately and use strong password. If you used same password for different account you are recommended to reset it, never use same password for different account and keep monitoring your account.