A new exploit discovered in Adblock Plus, AdBlock, and uBlocker browser extensions would allow hackers to inject malicious scripts into the blockers according to Security Researcher Armin Sebastian.
Usman Rahim, Digital Security & Operations Manager atThe Media Trust:
“Blockers have risen in popularity not only among consumers, but businesses. And for very good reasons. To begin with, they promise to block annoying or criminal elements. The problem is they may not live up to their promise, such as when bad actors inject malicious code that reprograms a blocker to steal from site visitors. Blockers were never meant to be a complete solution, and are only as good as their code and data. For companies that use blockers as their only security measure, the stakes are even higher as are the ways these blockers can go awry. While blockers promise a simple, convenient solution, they can’t stand alone against today’s malware attacks. For starters, they are often dependent on third party data feed. If that feed is incomplete or out of date, the blocker will fail. Blockers can also fail when they are improperly implemented. In today’s difficult security environment, where there are too many points of failure and attack vectors, the best defense is a multipronged approach that combines a blocker that is fed frequently updated first party data with continuous scanning that can help identify unknown or out-of-the-box threats.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.