The vulnerabilities found in Google’s Chrome browser could allow “malicious actors” to execute harmful code on users’ systems, the council explained on Saturday in a post on X, formerly Twitter.

Important Security Alert
The Cyber Security Council of the UAE government has issued a critical warning regarding high-risk vulnerabilities in the Google Chrome browser. These vulnerabilities could potentially allow malicious actors to execute harmful code on your operating… pic.twitter.com/2Jm5rLAtpC

— Cyber Security Council (@cscgovae) October 28, 2023

“We strongly advise all users to promptly update their Chrome browsers to the latest version to safeguard against any potential threats,” the government organization said.

With around 3.3 billion users, Google Chrome is the world’s most-used web browser. The browser has about 65% of the market share and is installed on PCs, smartphones, tablets, and more.

The Cyber Security Council also warned of several Apple-specific vulnerabilities that span desktop and mobile operating systems, as well as in the Safari browser, Apple Watch, and even the Apple TV’s tvOS.

“We strongly recommend all users to update their systems and software immediately to mitigate potential threats,” the Cyber Security Council said, amidst fears that hackers could exploit the security flaws to gain control of user’s devices.

Also Read: The Largest Data Breaches In The Middle East

Established in 2020, the UAE Cyber Security Council is responsible for legislation to strengthen cyber security after a recent surge in digital attacks.

The UAE also recently announced plans to develop a cyber security vision to strengthen action against digital crime over the next 50 years. The move will give the Emirate “the highest level of resilience” and boost its ability to “address growing digital challenges”, said Dr. Mohammed Al Kuwaiti, head of the UAE Cybersecurity Council at the time of the announcement.

“As the UAE looks forward to its centennial in 2071, we had an opportunity to pause, examine how the world might evolve, and how we can use technology to optimize outcomes for humanity,” he said.

The post UAE Issues Google Chrome And Apple Security Warning appeared first on Tech Magazine.

The company acknowledged the struggle users previously faced when trying to capture video stills, noting that screenshots often produced low-quality images with the video progress bar shown at the bottom.

Today, those issues are gone, and for users of any Chromium-based browser (Such as Chrome, Microsoft Edge, or Brave), capturing high-quality stills is as simple as hitting pause, right-clicking, and selecting the “Copy Video Frame” option from the menu.

After trying the new feature ourselves, we noticed that it does have a few issues. For example, you’ll need to right-click twice on YouTube to access the menu: One click will bring up YouTube’s own menu, while the second click reveals the correct Chrome menu with the “Copy Video Frame” option.

Once a user copies a video still, they can paste it directly into another app, such as Google Docs or Apple Notes, for example.

Also Read: Samsung Releases Food, An AI-Powered Smart Recipe App

Right now, there’s no option to save a copied video frame directly to your desktop as a standalone file. The feature is also limited when used on videos from streaming services, with many sites restricting the ability to capture their content. So far, we’ve had the best luck using “Copy Video Frame” on YouTube, which is no surprise given that Google’s parent company, Alphabet, owns the video-streaming giant.

The “Copy Video Frame” feature is available now on all desktop platforms that can run Google Chrome, including MacOS, Windows, Linux, and ChromeOS.

The post Google Chrome Now Lets You Copy Video Stills For Easy Sharing appeared first on Tech Magazine.

Antivirus company, Avast, collated a report, which it delivered to Google detailing the zero-day exploit. In this report, Avast claims that Israeli spyware firm, Candiru, used the exploit to install spyware on the journalist’s computers.

It equally believes that the firm has used similar exploits to target Avast users in Turkey, Lebanon, Palestine and Yemen beginning in March of this year.

A zero-day exploit is, in short, a vulnerability in a piece of software that is unknown to the developers. They are typically discovered in the wild for this reason, and are known as zero-day because the developers have zero days in which to address the issue. This is because the vulnerability has the potential to cause damage from the moment it is discovered.

Avast alleges that Candiru used the above-mentioned exploit to gain access to user’s computers. It is believed to have compromised a website, which it used to redirect users to a server that could collect their data. If the data – collected on 50 data points such as location, language, time zone, etc. – met their requirements, the server would establish an encrypted channel.

Despite not claiming responsibility, Candiru is the prime suspect in the attack because the CVE-2022-2294 exploit was used to install the DevilsTongue spyware. This is a piece of malware previously linked to the group by Microsoft in a separate string of attacks.

In its report, Avast claims that the zero-day exploit was used alongside another vulnerability capable of bypassing the sandbox security function in Chromium. However, Avast has (as yet) been unable to determine the second exploit used by the alleged attackers.

Also Read: DDoS Attacks Are A Growing Threat In Gaming

Luckily, Google released a patch for the exploit on July 4. As such, there is no need for Chrome users to be concerned, providing browsers are kept up to date. Microsoft and Apple have released patches for their Edge and Safari browsers, too, as they also use WebRTC.

Candiru has not yet been officially connected to the incident, so its involvement is currently (albeit well-informed) speculation. However, the tools used and computers targeted matches its previous spyware attempts dating from 2021 and early 2022. As the company has no public online presence, this fact is unlikely to change anytime soon.

The post Google Chrome Exploit Results In Attack On Lebanese Journalists appeared first on Tech Magazine.