Technology
Massive security flaw puts most popular browsers at risk on Mac
Hackers are already flooding browsers with malware and phishing links, and now researchers have discovered a vulnerability that gives them direct access to services on your laptop.
This vulnerability, known as 0.0.0.0 Day, affects all Chromium-based browsers, including Google Chrome, Firefox, Safari and Edge.
What’s concerning is that this vulnerability has been present in these browsers for the past 18 years and has only been discovered now.
SIGN UP FOR FOR KURT’S FREE NEWSLETTER AND GET INSTANT ACCESS TO THE CYBERGUY REPORT
A person using a laptop with Google Chrome browser (Kurt “CyberGuy” Knutsson)
What you need to know
The 0.0.0.0 Day vulnerability was discovered by the Israeli app security firm Oligo and subsequently reported by The Hacker News. It involves the use of IP address, 0.0.0.0, which is normally harmless. But with this vulnerability, attackers could misuse it to access and control local services on your computer.
The critical vulnerability “exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices,” Oligo Security researcher Avi Lumelsky said.
Security researchers have found that websites with “.com” domains can communicate with services on a local network and run unauthorized code using the address 0.0.0.0. This vulnerability also allows them to bypass Private Network Access (PNA), which is supposed to stop public websites from accessing private network endpoints directly.
In simple terms, this vulnerability could allow bad actors to break into your local services and execute unauthorized actions on your device.
The vulnerability affects browsers including Google Chrome, Edge, Safari and Firefox on devices running macOS and Linux. If you’re a Windows user, you don’t have to worry because Microsoft blocks this IP address at the operating system level.
A browser displayed on a laptop (Kurt “CyberGuy” Knutsson)
HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS
Is a fix coming?
Chrome started blocking access to the IP address 0.0.0.0 from Chromium 128 in July. Google will gradually roll out this change, completing it by Chrome 133, when the IP address will be fully blocked for all Chrome and Chromium users.
Meanwhile, Apple has already updated WebKit, the browser engine used by Safari, to block access to 0.0.0.0. Mozilla has also blocked this IP address in Firefox. To protect yourself from getting affected, keep your browser up to date.
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
Steps to update your browser
The best way to protect yourself from security flaws is to keep your browser up to date. Below are the steps to keep it updated.
How to update Chrome
- Open Google Chrome on your computer
- Click on the three dots in the top-right corner
- Select Help
- Click About Chrome
- Chrome will automatically check for updates. If an update is available, it will download and install it.
- Click Relaunch to complete the update process.
For mobile devices, you can update Chrome via the Google Play Store (Android) or App Store (iOS) by searching for Chrome and tapping Update if available
Google Chrome browser (Kurt “CyberGuy” Knutsson)
WORLD’S LARGEST STOLEN PASSWORD DATABASE UPLOADED TO CRIMINAL FORUM
How to update Microsoft Edge
- Open Microsoft Edge
- Click on the three dots in the top-right corner
- Select Help and feedback
- Click About Microsoft Edge
- Edge will automatically check for updates and install them if available
- Click Restart to update Microsoft Edge and apply any updates
For mobile devices, updates can be done through the respective app stores (Google Play Store for Android and App Store for iOS) by searching for Edge and tapping Update if available.
Microsoft Edge browser (Kurt “CyberGuy” Knutsson)
How to update Safari
- On a Mac, open the Apple menu
- Select System Settings
- Tap General
- Click Software Update
- If an update for Safari is available, click Update Now.
- Follow the prompts to complete the installation.
For iOS devices, updates are done through the Settings app under General > Software Update.
Safari browser (Kurt “CyberGuy” Knutsson)
How to update Mozilla Firefox
- Open Firefox
- Click on the three horizontal lines (☰) in the top-right corner
- Select Help
- Click About Firefox
- Firefox will check for updates and download them automatically
- Click Restart to Update Firefox if an update was installed
For mobile devices, you can update Firefox through the Google Play Store (Android) or App Store (iOS) by searching for Firefox and tapping Update if available.
CLICK HERE FOR MORE U.S. NEWS
Mozilla Firebox browser (Kurt “CyberGuy” Knutsson)
Additional measures to keep your data and devices safe
Below are some extra steps to take to prevent being affected by hackers exploiting security vulnerabilities.
1. Have strong antivirus software: Hackers often gain access to devices by sending infected emails or documents or tricking you into clicking a link that downloads malware. You can avoid all of this by installing strong antivirus software that will detect any potential threat before it can take over your device or router.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.
2. Recognize urgent requests as potential scams: Always be wary if someone is urgently requesting you to do something like send money, provide personal information or click on a lin. Chances are it’s a scam.
3. Use strong and unique passwords: Create strong passwords for your accounts and devices and avoid using the same password for multiple online accounts. Consider using a password manager to securely store and generate complex passwords. It will help you to create unique and difficult-to-crack passwords that a hacker could never guess. Second, it also keeps track of all your passwords in one place and fills passwords in for you when you’re logging into an account so that you never have to remember them yourself. The fewer passwords you remember, the less likely you will be to reuse them for your accounts. Get more details about my best expert-reviewed Password Managers of 2024 here.
4. Enable two-factor authentication: Enable two-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.
ANDROID USERS AT RISK AS BANKING TROJAN TARGETS MORE APPS
Kurt’s key takeaway
Given the newly discovered 0.0.0.0 Day vulnerability, it’s more important than ever to keep your browser up to date. While major browser companies are actively working on a fix, staying on top of software updates is crucial to protect your device. To further safeguard your online experience, be cautious of suspicious links, practice safe browsing habits, and regularly check for updates.
Given the recent discovery of the 0.0.0.0 Day vulnerability affecting major browsers like Google Chrome, Firefox, Safari and Edge, which has been present for 18 years, do you think tech companies are doing enough to ensure the security of their products and protect users from such long-standing vulnerabilities? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
/cdn.vox-cdn.com/uploads/chorus_asset/file/24489389/236563_Apple_iPad_9th_gen_DSeifert_0001.jpg "Apple’s last-gen iPad has dropped to 4 for a limited time")
Although Apple’s tablet lineup has undergone several shakeups over the last several years, we long considered the ninth-gen iPad to be the best budget iPad you could get. That changed when Apple dropped the price of the 10th-gen iPad to a more sensible $349 and discontinued its entry-level model. But the 2021 iPad remains a perfectly good slate, especially now that the base model with 64GB of storage is down to a new low of around $224 ($105 off) at Amazon, Walmart, and Best Buy.
As far as hardware is concerned, the ninth-gen iPad is very much a remnant of Apple’s former design language. The 10.2-inch tablet has a traditional iPad look with large bezels, a dedicated home button, and a Lightning port — not to mention a 3.5mm audio jack for using a pair of wired headphones.
Inside, you’ll find Apple’s aging A13 processor, which, despite first appearing in the iPhone 11 in 2019, still offers speedy performance when playing games, watching movies, surfing the web, and tackling all the usual things you might use a tablet for. It’s still beholden to the first-gen Apple Pencil and older accessories like the Smart Keyboard, yes, but given its age and price, it’s an understandable tradeoff.
If you’re concerned about support, rest assured that Apple’s last-gen iPad will be compatible with iPadOS 18 when it launches in the fall. It won’t support any of Apple’s forthcoming Apple Intelligence features, though, which require a newer iPad Pro or iPad Air model with an M1 chip or later. I guess the new calculator app will have to do.
/cdn.vox-cdn.com/uploads/chorus_asset/file/23318438/akrales_220309_4977_0305.jpg "The FCC proposes requiring robocallers to disclose when they’re using AI")
The Federal Communications Commission (FCC) proposed a new set of rules this week that would require robocallers to disclose when they’re using artificial intelligence for phone calls and text messages.
The proposal builds on the FCC’s ban on making AI-generated robocalls without the express prior consent of the person being called. The agency now hopes to require callers to say, while seeking that consent, whether they plan to use AI for future calls and messages, the FCC writes. Similar disclosures would have to be added to any AI-generated phone calls, which the agency says “contain an enhanced risk of fraud and other scams.”
The regulator suggests defining an “AI generated call” as any that uses technology to create “an artificial or prerecorded voice or a text using computational technology or other machine learning, including predictive algorithms, and large language models, to process natural language and produce voice or text content to communicate with a called party over an outbound telephone call.”
Finally the agency hopes to carve out an exception for when those with speech and hearing disabilities use AI-generated voice software to help them communicate on outbound phone calls. The FCC would also require that there be no “unsolicited advertisement” in such calls, and that people on the receiving end of the phone calls not be charged for them. The agency asked for specific comments on whether scammers could abuse the exemption, and how it could update its rules to prevent that.
Let’s be honest. Public restrooms are often gross, and most of us would rather avoid them at all costs. The thought of encountering unsanitary conditions is enough to make anyone cringe. But what if there was a solution that could transform this universally unpleasant experience?
Enter the Revolving Toilet by Sanitronics, a groundbreaking self-cleaning system that’s set to revolutionize public restrooms.
This innovative technology promises to eliminate the “ick factor” and deliver a level of cleanliness that could make even the most squeamish person feel comfortable.
SIGN UP FOR FOR KURT’S FREE NEWSLETTER AND GET INSTANT ACCESS TO THE CYBERGUY REPORT
The Revolving Toilet (Sanitronics)
A revolutionary self-cleaning toilet system
With over 20 years of experience in public toilet design, Sanitronics has created a solution addressing the most pressing public restroom issues. It’s called the Revolving Toilet, and it features two toilet bowls that alternate after each use. While one bowl is in use, the other is being cleaned in a separate compartment. This ensures that each person experiences a completely clean and dry toilet.
The Revolving Toilet (Sanitronics)
THIS IS THE WAY CLEAN FREAKS GET THEIR FILTHY TECH SPOTLESS
The Revolving Toilet’s high-pressure cleaning and drying system
The system employs patented technology to clean the toilet bowl from all angles using a biodegradable cleaning agent. The cleaning process involves high-pressure water sprays at 70 BAR both inside and outside of the bowl, effectively removing all dirt and waste.
The Revolving Toilet (Sanitronics)
CLICK HERE FOR MORE U.S. NEWS
One of the standout features of the Revolving Toilet is its ability to provide a dry seat. As the toilet revolves, the cleaned seat passes through an airblade that dries it completely, offering a comfortable and hygienic experience for the next person. The entire cleaning and drying process takes less than 20 seconds, minimizing wait times and ensuring that the toilet is always ready for the next user. This thorough cleaning process is crucial for maintaining hygiene in high-traffic public areas.
The Revolving Toilet (Sanitronics)
HOW THIS ROBOT JANITOR IS CLEANING TOILETS AND DOING THE DIRTY WORK
The Revolving Toilet’s ergonomic design
The Revolving Toilet features automated entry, no-touch buttons for single and multiple operations and is ergonomically positioned to minimize effort and maximize efficiency. This design reduces the risk of contamination and makes the toilet user-friendly.
The toilet units are fully customizable to fit the specific needs of different public environments. Whether it’s a standalone unit for a park or a mobile unit for a festival, the design can be adapted to suit various requirements.
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
The Revolving Toilet (Sanitronics)
HOW A HIGH-TECH TOILET CAN STOP YOU FROM OVERSPENDING ON ROLLS OF TOILET PAPER
Sustainability and customization
Sanitronics has designed the Revolving Toilet with sustainability in mind. The units are modular and can be easily disassembled, allowing for parts to be replaced or recycled. Sanitronics also handles everything from design and production to placement and maintenance. This integrated approach ensures the highest quality and reliability of their products.
The Revolving Toilet (Sanitronics)
The Revolving Toilet is vandalism resistant
The materials used in the construction of the Revolving Toilet are resistant to vandalism, including hammering, fire and graffiti. This makes it a durable option for public spaces prone to such issues.
The Revolving Toilet (Sanitronics)
Kurt’s key takeaways
We’ve all been there – desperately needing a public restroom but dreading what we might find. Well, the Revolving Toilet is here to change all that. Imagine walking into a public restroom and actually looking forward to using it. Sounds crazy, right? But that’s exactly what Sanitronics is aiming for. With its quick cleanup act, this toilet is setting a whole new bar for public bathrooms. So, next time you’re out and about and nature calls, keep an eye out for the Revolving Toilet. It might just have you rethinking your public restroom experience — one flush at a time.
How do you think the introduction of the Revolving Toilet could change public perceptions and experiences of using public restrooms? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
Gunman found dead after shootout with police, standoff near Ohio State University
Oklahoma LB Kip Lewis Ready to ‘Fly Around’ After Building on Last Year’s Key Experience
Ionescu ‘ecstatic’ with a gold medal, recaps pressure-filled debut Olympics
Open Road Tolling is coming to the Pennsylvania Turnpike – Metro Philadelphia
Local Event: Ordering Now Open for Take-Out Thursday at Holy Angels Church
See it: Tesla crashes into Columbus convention center at 70 mph
Colorado Rockies game no. 116 thread: Zac Gallen vs José Ureña
Fox News Politics: Georgia the whole day through
Death of missing Oregon girl found in stream ruled homicide
At least 2 dead as tornadoes hit Alabama, damage homes across Southeast
Minnesota murder stats rose under Walz's leadership as he tries to tie violent crime trend to Trump: data
In first interview since dropping out, Biden says Trump danger to US
U.S. women's basketball team defeats France to win eighth straight Olympic gold medal
Secret Service apologizes after breaking into Massachusetts salon to use bathroom before Harris fundraiser
Hungary's largest music festival on high alert
-
Fitness1 week ago
For healthy aging, light exercise or sleep beats being sedentary
-
World1 week agoThe Take: Is Silicon Valley going MAGA?
-
News1 week agoVideo: Biden and Harris Greet Americans Released From Russia
-
/cdn.vox-cdn.com/uploads/chorus_asset/file/25416392/STK473_NET_NEUTRALITY_CVIRGINIA_D.jpg "Net neutrality is on ice")
Technology1 week agoNet neutrality is on ice
-
Movie Reviews1 week agoTrap Review: M. Night Shyamalan’s Silly, Self-Aware Thriller Is A Messy Tale Of Two Movies – SlashFilm
-
Politics1 week agoTrump replies to DA Bragg in case to get conviction tossed in light of Supreme Court immunity decision
-
Politics1 week agoHouse Freedom Caucus chair ousted by Trump-backed challenger in Republican primary showdown
-
Politics1 week agoGeorgia activist steals the show after being introduced by Trump at Atlanta rally: 'Incredible'