Tag: chrome

SecuX PUFido Clife Key Review

PUFido, is the world’s first FIDO2 key with embedded PUF chip authentication, offers seamless passwordless login across Web2 and Web3 platforms—including Google, Instagram, X (formerly Twitter), Binance, Coinbase, and OKX. Together, Cyber Athena and PUFido deliver end-to-end hardware protection—from identity verification to digital asset storage.

At the core is Cyber Athena, an enterprise-grade cold wallet that integrates PUF-based authentication via PUFido and PUFhsm hardware modules, designed to meet rising demand for secure, self-managed Bitcoin custody. This is aimed more so at Bitcoin and trading folk but anyone can use this in a wide range of scenarios and on multiple platforms.

With the ease of use and set-up it is the easiest new product to use for security matters and no expensive either and should be in your arson of tech if you are in business especially and the fact here with no faffing around with software is needed and it is multi-platform is makes it even better, see the video below for a demo.

 

Features

Multi-Protocol Support

WebAuthn 2.0
FIDO2 CTAP1
FIDO2 CTAP2
Universal 2nd Factor (U2F)

Cross-Platform Compatibility

Windows
MacOS
Linux
iOS
Android
ChromeOS

Other Security Key Reviews 

Get 10% off below using the code techbuzzireland

BUY.

Video

Chrome Users’ Browsers Hijacked by Threat Actors when Downloading Popular Pirated Content, HP warns

HP Ireland today issued its quarterly HP Wolf Security Threat Insights Report, showing threat actors are hijacking users’ Chrome browsers if they try to download popular movies or video games from pirating websites.

By isolating threats that have evaded detection tools on PCs, HP Wolf Security has specific insight into the latest techniques being used by cybercriminals in the fast-changing cybercrime landscape. To date, HP Wolf Security customers have clicked on over 30 billion email attachments, web pages, and downloaded files with no reported breaches.

Based on data from millions of endpoints running HP Wolf Security, the researchers found:

  • The Shampoo Chrome extension is hard to wash out: A campaign distributing the ChromeLoader malware tricks users into installing a malicious Chrome extension called Shampoo. It can redirect the victim’s search queries to malicious websites, or pages that will earn the criminal group money through ad campaigns. The malware is highly persistent, using Task Scheduler to re-launch itself every 50 minutes.
  • Attackers bypass macro policies by using trusted domains: While macros from untrusted sources are now disabled, HP saw attackers bypass these controls by compromising a trusted Office 365 account, setting up a new company email, and distributing a malicious excel file that infects victims with the Formbook infostealer.
  • Firms must beware of what lurks beneath: OneNote documents can act as digital scrapbooks, so any file can be attached within. Attackers are taking advantage of this to embed malicious files behind fake “click here” icons. Clicking the fake icon opens the hidden file, executing malware to give attackers access to the users’ machine – this access can then be sold on to other cybercriminal groups and ransomware gangs.

Sophisticated groups like Qakbot and IcedID first embedded malware into OneNote files in January. With OneNote kits now available on cybercrime marketplaces and requiring little technical skill to use, their malware campaigns look set to continue over the coming months.

To limit the chances of a security breach, businesses and users should avoid downloading files from untrusted sites. We have observed that threat actors are hijacking users’ Chrome browsers at times when downloading popular movies or video games from pirating websites. To protect against the latest threats, employees should be cautious of suspicious internal documents and check with the sender before opening. Organisations should also configure email gateway and security tool policies to block OneNote files from unknown external sources,” explains Val Gabriel, Managing Director of HP Ireland.

From malicious archive files to HTML smuggling, the report also shows cybercrime groups continue to diversify attack methods to bypass email gateways, as threat actors move away from Office formats. Key findings include:

  • Archives were the most popular malware delivery type (42%) for the fourth quarter running when examining threats stopped by HP Wolf Security in Q1.
  • There was a 37-percentage-point rise in HTML smuggling threats in Q1 versus Q4.
  • There was a 4-point rise in PDF threats in Q1 versus Q4.
  • There was a 6-point drop in Excel malware (19% to 13%) in Q1 versus Q4, as the format has become more difficult to run macros in.
  • 14% of email threats identified by HP Sure Click bypassed one or more email gateway scanner in Q1 2023.
  • The top threat vector in Q1 was email (80%) followed by browser downloads (13%).

To protect against increasingly varied attacks, organisations must follow zero trust principles to isolate and contain risky activities such as opening email attachments, clicking on links, or browser downloads. This greatly reduces the attack surface along with the risk of a breach,” comments Dr. Ian Pratt, Global Head of Security for Personal Systems, HP Inc.

HP Wolf Security runs risky tasks like opening email attachments, downloading files and clicking links in isolated, micro-virtual machines (micro-VMs) to protect users. It also captures detailed traces of attempted infections. HP’s application isolation technology mitigates threats that might slip past other security tools and provides unique insights into novel intrusion techniques and threat actor behavior