Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2012-12-24 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Merry Christmas!

Published: 2012-12-24
Last Updated: 2012-12-24 22:02:19 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
0 comment(s)

We wish all our readers Merry Christmas and hope you enjoy a lot with your families tonight. We will continue meanwhile watching what happens on the Internet ;)

Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter:@manuelsantander
Web:http://manuel.santander.name
e-mail: msantand at isc dot sans dot org

Keywords:
0 comment(s)

Google blocks silent Chrome extension installation

Published: 2012-12-24
Last Updated: 2012-12-24 22:02:04 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
0 comment(s)

According to chromium blog, Google Chrome 25 won't allow anymore silent extensions installs. This is good, because attacks like the Chrome malicious extension injecting ads to wikimedia pages in may won't happen without the user's consent. This is similar to Internet Explorer Protected Mode, which does not allow extension installations and Firefox add-on control since Firefox 8.

This kind of controls enforce the security settings described in the corresponding security templates of web browsers. So far, the only browser that posess the most scalable security baseline is still Internet Explorer, as there are specific Global Policy Objects (GPO) to apply for Internet Explorer that has been tested and deployed worldwide. Google Chrome also have security templates with the corresponding documentation, but you need to build your own GPO to deploy to a Windows Domain. For Firefox, FirefoxADM is able to generate Security GPO to manage security parameters.

Have you suffered lately any attacks regarding malicious extensions for Chrome? For Firefox or Internet Explorer? Let us know!

Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter:@manuelsantander
Web:http://manuel.santander.name
e-mail: msantand at isc dot sans dot org

Keywords:
0 comment(s)
Diary Archives