**SINGAPORE, Singapore, Oktoobar 3-deeda, 2024/CyberNewsWire/--** Marka la joogo DEF CON 32,  Kooxda cilmi-baadhista ayaa soo bandhigtay bandhig adag oo cinwaan looga dhigay Extensions Sneaky: The MV3 Escape Artists halkaas oo ay ku wadaageen natiijooyinkooda ku saabsan sida kordhinta browser-ka xaasidnimada leh ay uga gudbayso halbeeggii ugu dambeeyay ee Google ee dhisidda kordhinta chrome: Tilmaamaha amniga ee V3 (MV3), taasoo gelinaysa malaayiin isticmaaleyaal ah. iyo ganacsiyada khatarta ku jira.   SquareX  Kooxda cilmi-baarista ee SquareX waxay si cad u muujiyeen fidinta rogue ee lagu dhisay MV3. Natiijooyinka muhiimka ah waxaa ka mid ah:  Kordhiyadu waxay xadin karaan qulqulka fiidyaha tooska ah, sida kuwa Google Meet iyo Zoom Web, iyada oo aan loo baahnayn oggolaansho gaar ah.  Kordhinta qallafsan waxay u shaqayn kartaa magaca isticmaalaha si loogu daro wada-hawlgalayaasheeda meelaha gaarka ah ee GitHub.  Kordhiyadu waxay awood u leeyihiin inay ku xidhmaan dhacdooyinka gelitaanka si ay ugu jiheeyaan isticmaalayaasha bogga soo gelista maamulaha erayga sirta ah.  Kordhinta lagu dhisay MV3 waxay xaddi kartaa cookies-ka goobta, taariikhda baarista, bookmarks, iyo soo dejinta taariikhda si fudud, sida dhiggooda MV2.  Kordhinta qallafsanaantu waxay ku dari kartaa pop-ups bogga shabakada firfircoon, sida soo-jeedinta cusboonaysiinta software-ka been-abuurka ah, ku khiyaanaysa isticmaalayaasha soo dejinta malware.  Kordhinta browserka ayaa muddo dheer bartilmaameed u ahaa jilayaasha xaasidnimada leh - Jaamacadda Stanford  waxay ku qiyaastay in 280 milyan oo kororsi xaasid ah la rakibay sannadihii u dambeeyay. Google ayaa ku dhibtooday inay wax ka qabato arrintan, inta badan waxay ku tiirsan tahay cilmi-baarayaal madaxbannaan si ay u aqoonsadaan kordhinta xaasidnimada ah.   warbixin  Xaaladaha qaarkood, Google waxay ku qasbanaatay inay gacanta ka saarto, sida  hoos loo dhigay bishii June ee sanadkii hore. Markii meesha laga saaray, kordhintan ayaa mar hore la rakibay 75 milyan jeer. Inta badan arrimahan ayaa kacday sababtoo ah heerka fidinta Chrome-ka, Nooca Manifest 2 (MV2), waxaa ka buuxay daldaloolo keenay kordhinta ogolaanshaha xad-dhaafka ah, oo oggolaaday in qoraallada lagu duro duulista, inta badan iyada oo aan la ogeyn isticmaalayaasha.   32 kordhin  Tani waxay u ogolaatay jilayaasha xaasidnimada ah inay si fudud uga faa'iidaystaan dayacanka si ay u xadaan xogta, duraan malware, oo ay helaan macluumaadka xasaasiga ah. MV3 waxaa loo soo bandhigay si wax looga qabto dhibaatooyinkan iyadoo la adkeynayo ammaanka, xaddidaya oggolaanshaha, iyo u baahan in la kordhiyo si ay u caddeeyaan qoraaladooda ka hor.  Si kastaba ha ahaatee, cilmi-baarista SquareX waxay muujineysaa in MV3 ay ka gaabisay meelo badan oo muhiim ah, taasoo muujineysa sida weerarradu ay weli awood ugu leeyihiin inay ka faa'iideystaan oggolaanshaha ugu yar si ay u fuliyaan hawlo xaasidnimo ah. Isticmaalayaasha gaarka ah iyo ganacsiyada labadaba waa la soo bandhigay, xitaa hoos yimaada qaabka cusub ee MV3.  Xallinta amniga ee maanta, sida amniga barta dhamaadka, SASE/SSE, iyo Gateways Web Secure (SWG), la'aanta muuqaal kordhinta browserka rakiban. Hadda ma jiro qalab ama madal awood u leh in ay si firfircooni leh u qalabayso kordhintan, taas oo ka dhigaysa ganacsiyada iyaga oo aan awood u lahayn in ay si sax ah u qiimeeyaan haddii kordhintu ay tahay badbaado ama xaasidnimo.  SquareX waxaa ka go'an heerka ugu sarreeya ee ilaalinta internetka ee shirkadaha waxayna dhistay astaamo cusub oo muhiim ah si loo xalliyo dhibaatadan, oo ay ka mid yihiin;  Siyaasado miro-dhal ah oo lagu go'aaminayo kordhinta lagu oggolaanayo/ xannibi karo iyo cabbirrada ay ka mid yihiin oggolaanshaha kordhinta, taariikhda abuuritaanka, cusboonaysiinta u dambaysa, faallooyinka, qiimaynta, tirada isticmaaleyaasha, sifooyinka qoraaga iwm  SquareX waxay xannibtaa codsiyada shabakadda ee ay soo dirto kordhinta waqtiga la qabanayo - iyadoo lagu saleynayo siyaasadaha, heuristics iyo fikradaha barashada mashiinka  SquareX waxa kale oo ay tijaabinaysaa falanqaynta firfircoon ee Chrome Extensions iyada oo la adeegsanayo biraawsar Chromium wax laga beddelay oo ku jira server-keeda daruuraha  Kuwani waa qayb ka mid ah SquareX's  xal kaas oo la geynayo shirkadaha waaweyn ee dhexdhexaadka ah si wax ku ool ah ayaa looga hortagayaa weerarradan.   Ogaanshaha Browser iyo Jawaabta  , Aasaasihii & Maamulaha Guud ee  , ayaa ka digay khataraha isa soo taraya: "Balaadhinta Browser-ku waa meel indho la'aan ah EDR/XDR iyo SWGs ma haystaan hab ay ku qiyaasaan joogitaankooda. Tani waxay ka dhigtay fidinta browserka mid aad waxtar u leh oo farsamo xoog leh si aamusnaan ah loogu rakibo loona kormeero isticmaalayaasha ganacsiga, iyo weeraryahanadu waxay ka faa'iideysanayaan si ay ula socdaan isgaarsiinta wicitaanada webka, u dhaqmaan magaca dhibbanaha si ay u siiyaan ogolaansho dhinacyada dibadda, xadaan cookies iyo xogta kale ee goobta. iyo wixii la mid ah.”   Vivek Ramachandran   SquareX  "Cilmi-baadhisteenu waxay caddaynaysaa in la'aanteed falanqeyn firfircooni leh iyo awoodda ganacsiyada si ay u adeegsadaan siyaasado adag, ma suurtagal noqon doonto in la aqoonsado oo la joojiyo weerarradan. Google MV3, in kasta oo si wanaagsan loogu talagalay, haddana weli way ka fog tahay xoojinta amniga labadaba marxaladda naqshadaynta iyo hirgelinta," ayuu yidhi Vivek Ramachandran.  Ku saabsan SquareX  waxay ka caawisaa ururadu inay ogaadaan, yareeyaan oo ay ugaadhsadaan hanjabaada werarada webka dhinac macmiilka ah ee ka dhacaya isticmaalayaashooda wakhtiga dhabta ah.   SquareX  SquareX-ka-warshadaynta ugu horreysa ee Browser-ka iyo jawaabta (BDR), wuxuu qaataa hab weerar ku wajahan amniga browserka, hubinta in isticmaaleyaasha ganacsiga laga ilaaliyo khataraha horumarsan sida QR Codes-ka xaasidka ah, Browser-in-the-Browser phishing, malware-ku-saleysan, balaadhinta xaasidnimada ah iyo weerarrada kale ee shabakada ka kooban faylal xaasidnimo ah, mareegaha internetka, qoraalada, iyo shabakadaha la jabsaday.  Iyada oo la adeegsanayo SquareX, shirkaduhu waxay sidoo kale siin karaan qandaraaslayaasha iyo shaqaalaha fogfog helitaan aamin ah oo ay ku galaan codsiyada gudaha, shirkadda SaaS, oo u beddelaan daalacashada BYOD / aaladaha aan la maamulin ee fadhiyada baarista lagu kalsoon yahay.  La xidhiidh  Madaxa PR  Junice Liew  SquareX  junice@sqrx.com  Sheekadan waxa loo qaybiyay siidaynta CyberNewsWire ee hoos timaada HackerNoon's Business Blogging Program. Wax badan ka baro barnaamijka   halkan

This is a PR written by or for the company mentioned within it. The writer has a vested interest in the company and products mentioned within.

Sign Up for Free

Book A Demo

Check Pricing

Visit Website

Codkan waxa lagu soo saaray afkii asalka ahaa ee sheekada!

Aad u dheer; In la akhriyo

Boost your HackerNoon story @ $159.99! 🚀

SquareX waxay tusinaysaa sida Fidinta xaasidnimada leh ay uga gudubto Google's MV3

About Author

FAALLO

HANG TAGS

MAQAALKAN AYAA LAGU SOO BANDHIGAY

Related Stories

10 Stories To Learn About Medium

Creating NFTs in Arbitrum

88 Stories To Learn About Branding

Quantum Mechanics for Bitcoiners

10 Stories To Learn About Medium

Creating NFTs in Arbitrum

88 Stories To Learn About Branding

Quantum Mechanics for Bitcoiners

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps