TOP 3 cybersecurity events of the week according to Jet CSIRT
McAfee finds five Google Chrome extensions stealing user data
McAfee threat analysts found five Google Chrome extensions (Netflix Party, Netflix Party 2, Full Page Screenshot Capture – Screenshotting, FlipShope – Price Tracker Extension, AutoBuy Flash Sales) that steal data about users’ online activity. In total, the malicious extensions have been downloaded over 1.4 million times. The extensions track when users visit marketplaces and modify their cookies so that the visit appears to have come through a referral link; the extension authors receive a partner reward for such visits. Every time a user visits a new URL, data is sent to the attacker via POST requests. This information includes the base64-encoded URL, the user ID, the device location (country, city, zip code), and an encoded referral URL.
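One way to hunt for the per-navigation POST beaconing described above in web proxy logs, as an added example that is not taken from McAfee's report or from this digest. The record layout, host names, field names and the threshold of two distinct URLs are assumptions made for the illustration.

```python
import base64
from collections import defaultdict
from urllib.parse import urlsplit

def b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode()

# Constructed proxy records (not real traffic); hosts and field names are assumptions.
SAMPLE_LOG = [
    {"client": "10.0.0.5", "method": "POST", "host": "collector.example",
     "body": {"u": b64(b"https://shop.example/item/%d" % i), "uid": "abc123",
              "country": "US", "city": "Austin", "zip": "73301"}}
    for i in range(3)
] + [
    # A single base64 URL (e.g. a login redirect) stays under the threshold.
    {"client": "10.0.0.5", "method": "POST", "host": "sso.example",
     "body": {"next": b64(b"https://intranet.example/home")}},
    # Base64 that does not decode to a URL (binary upload chunk) is ignored.
    {"client": "10.0.0.7", "method": "POST", "host": "api.example",
     "body": {"chunk": b64(b"\x89PNG\r\n\x1a\n")}},
    {"client": "10.0.0.7", "method": "GET", "host": "shop.example", "body": {}},
]

def decode_url(value):
    """Return the http(s) URL hidden in a base64 string, or None."""
    if not isinstance(value, str):
        return None
    try:
        text = base64.b64decode(value, validate=True).decode("utf-8")
        parts = urlsplit(text)
    except ValueError:  # bad base64, bad padding, non-UTF-8 or malformed URL
        return None
    return text if parts.scheme in ("http", "https") and parts.netloc else None

def find_url_beacons(records, min_urls=2):
    """Map (client, destination host) to the distinct browsed URLs POSTed there."""
    seen = defaultdict(set)
    for rec in records:
        if rec.get("method") != "POST":
            continue
        for value in rec.get("body", {}).values():
            url = decode_url(value)
            if url:
                seen[(rec["client"], rec["host"])].add(url)
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_urls}

if __name__ == "__main__":
    for (client, host), urls in find_url_beacons(SAMPLE_LOG).items():
        print(f"{client} -> {host}: {len(urls)} browsed URLs sent in base64")
```

A hit is a lead for reviewing the extensions installed on that client, not proof of compromise, since some legitimate services also pass base64-encoded URLs.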
GitLab specialists have announced security updates 15.3.2, 15.2.4 and 15.1.6 for GitLab Community Edition (CE) and Enterprise Edition (EE). The updates fix 15 vulnerabilities, one of which is a critical XSS (CVE-2022-286). This vulnerability affects all versions prior to 15.1.6, versions 15.2-15.2.3, and versions 15.3-15.3.1 of GitLab CE/EE. Attackers could exploit a flaw in the label color customization feature, leading to stored XSS that could allow arbitrary client-side actions to be performed on behalf of the victim.
Microsoft has discovered a vulnerability in the TikTok app