Morrissey Technology

Loading

iCIO Community

iCIO Community Reminds the Importance of Mitigating Ransomware Threats in RI

Morrissey TechnologyThe ransomware that attacked the Temporary National Data Center (PDNS) 2 caught the attention of many parties, including the iCIO Community. They emphasized the importance of mitigating ransomware threats for organizations in Indonesia. iCIO Community is a community of Chief Information Officers and Executives in the ICT sector of companies and organizations in the country. This community is designed as a means of sharing practices and leadership in the ICT field.

“It is important for every organization to develop a comprehensive and proactive cybersecurity strategy. In a world that is increasingly connected and vulnerable to cyberattacks, data protection and collaboration between companies is not only important, but urgent. Let’s unite, share experiences, and strengthen organizational defenses Together, we can protect Indonesia’s digital future from growing threats,” said Iskak Hendrawan, Deputy Chair of the iCIO Community.

Moreover, the personal data protection law will complete its trial period in October this year.

“In the current digital era, ransomware attacks cannot be taken lightly. With the implementation of the Personal Data Protection Law in Indonesia, companies are required to be more serious in protecting users’ personal data. We from the iCIO Community hope that the government and public services can adopt this technology adequate and implementing good data governance procedures. This is not just about technology, but also about the responsibility to protect and manage information that is vital for the country and society,” said Harry Surjanto, Advisor to the iCIO Community.

While it is difficult to completely prevent ransomware attacks, proper mitigation measures can minimize their impact. Last year, this community admitted to having held a closed focus group discussion among its members to discuss the ransomware threat they faced. iCIO Community assesses the need for strict operational discipline to ensure rapid recovery in the face of cyber attacks. This covers several important aspects. First, securing infrastructure in the data center. All infrastructure in the organization must always be hardened and updated with critical security patches at the operating system and device firmware level.

“All data must be backed up regularly and stored securely and strictly,” said the iCIO Community representative.

Second, strict monitoring. Monitoring system health and security through the command center and security operation center 7×24 hours is very important. Organizations must have a rapid reaction unit for recovery and dealing with hacking attacks. The three Disaster Recovery Centers (DRC). Organizations must have a DRC and regularly conduct disaster recovery drills. System recovery training activities for disasters must also be monitored and reported to the regulator

Basic security hygiene is a major concern and discipline that should not be ignored. According to the iCIO Community, this is the primary foundation for protecting organizations from ever-evolving threats. Cases such as the attack on PDN show how important it is to have a fast and effective response strategy. We hope the government can design and implement a comprehensive emergency plan to address ransomware attacks. Cross-sector collaboration and sharing information about new threats and attack tactics are crucial in strengthening national cyber threat defenses.

With these steps, the iCIO Community is confident that we can mitigate the negative impact of ransomware attacks and ensure the security of data that is critical to the national interest. And thanks to the adoption of adequate technology and good data governance, mitigation and recovery procedures, governments and public services can provide better services, increase public trust and protect the important information they hold.

https://bluewaysglobal.com/-/for4d/

Bots are Increasingly Rampant in Cyberspace, This is The Danger

Bots are Increasingly Rampant in Cyberspace, This is The Danger

Morrissey Technology – The Akamai report states that 42% of internet traffic is generated by bots, and shockingly, 65% of those bots are used for crime. In this report, Akamai deliberately researched data scavenger bots circulating in cyberspace. This bot is designed to collect data and content for use by cybercrime.

The e-commerce sector is considered to be the most affected by the actions of data scavenger bots and high-risk traffic bots. It must be admitted, there are indeed bots that can be profitable, but these scavenger bots often have a negative impact, especially on consumers. This is because data scavenger bots are used to spy on rival stores, stockpile goods, create fraudulent sites, and various other criminal activities.

Akamai CTO Patrick Sullivan explained that bots are a significant problem, because they can create a number of targets for web applications, services and application programming interface (API) owners.

For example, data-scavenging bots can easily steal product images, descriptions, pricing information, and other data. Then this data can be used by cybercriminals to create fake sites to imitate ecommerce sites from well-known brands.

In fact, now with the presence of AI, the data taken by bots can be slightly modified to create a site that generates traffic — and is then used to make money through advertising revenue.

Bots with AI are also more difficult to detect. For example, AI botnets, which can function with unstructured data. According to Akamai, with the use of AI, criminals can collect, extract and process data more efficiently.

Lastly, bots can also be used to create fake accounts, which can then be used to target victims financially. Even the most innocuous scavenging bot can be used to degrade a site’s performance, impact search engine impact calculations, and also increase the computing and hosting costs of a site.

https://savix.serverpersonale.it/-/for4d/

Google Reveals the Bad Effects of AI on the Environment

Google Reveals the Bad Effects of AI on the Environment

Morrissey TechnologyGoogle just released its environmental impact report for 2023 and the results are worrying. Google’s greenhouse gas emissions are increasing rapidly amidst the company’s priorities now focusing on AI. According to the report, Google’s total greenhouse gas emissions have increased by 48% since 2019. Even though Google has set a target to reduce emissions by 50% by 2030.

Last year alone, Google produced 14.3 million tonnes of carbon dioxide pollution which marked a 13% increase from the previous year. This figure is equivalent to the amount of carbon dioxide emissions emitted by 38 gas-fired power plants each year.

Google said the rise in carbon dioxide pollution was influenced by electricity use in data centers and supply chain emissions. Electricity consumption, primarily from data centers, contributes nearly one million tonnes of pollution to Google’s carbon footprint by 2023.

Data centers, especially those used to train AI, require enormous amounts of electrical power. Google is currently aggressively adding generative AI features to a number of its products, and they are starting to worry about the negative effects of AI on their environmental impact reports.

“As AI becomes more integrated into our products, reducing emissions may become a challenge due to increased energy demands resulting from greater AI computing, and emissions associated with expected improvements to our technical infrastructure,” Google said.

Electricity consumption in Google data centers last year increased 17%, and the Alphabet subsidiary expects the trend to continue. According to Google estimates, its data centers will contribute almost 10% of total global electricity consumption by 2023.

To reduce AI’s detrimental impact on the environment, Google says it is trying to make its AI models, hardware, and data centers more efficient. Google also plans to use carbon pollution-free energy by 2030.

Google isn’t the only tech company concerned about the impact of AI on its environmental ambitions. Microsoft’s greenhouse gas emissions last year rose 30% compared to 2020.

https://ecobreeze.com.my/wp-content/for4d/

https://blogdoeda.com.br/css/for4d/

Data Allegedly Leaked, KAI Ensures User Database is Safe

Data Allegedly Leaked, KAI Ensures User Database is Safe

Morrissey Technology – The social media world was abuzz with news of the alleged KAI Commuter data leak. The leaked data has also reportedly been sold on the dark web. The news of the alleged data leak was revealed by the @txttransportasi account on X (formerly Twitter).

“Oh, you know… KAI database?” upload the account on Tuesday (2/7).

The account also attached screenshots of cyber criminals’ uploads on Breachforums. However, the name of the account that uploaded KAI Commuter data on Breachforums was censored in the screenshot FOR4D.

The suspected hacker claimed that the leaked data included various personal information of KAI Commuter users, such as names, ticket codes, payment methods and transaction times. Responding to this issue, KAI Commuter claimed that its user data was safe, even though it had been hacked. KAI Commuter also said that it had coordinated with related agencies to handle this hack.

“KAI Commuter ensures the security of the Commuter Line user data base which was hacked by irresponsible parties,” Anne Purba FOR4D, Corporate Secretary of KAI Commuter said in a statement, Wednesday (3/7).

“Until now, KAI Commuter together with related parties continue to coordinate and carry out in-depth investigations to trace and handle the system hack,” he added.

Anne said that her party had taken steps to deal with it, including limiting access to both public networks and local networks.

“Currently all IT operational systems FOR4D in the KAI Commuter environment are still running well and all customer databases are safe,” explained Anne.

Furthermore, Anne asked the public not to worry about using all the service applications owned by KAI Commuter, because KAI Commuter has good information security management.

KAI Commuter is also said to have implemented ISO 27001:2013 as a standardization of the Information Security Management System at KAI Commuter. This security standardization, he said, is also regularly audited by independent auditors to ensure security in its implementation.

“KAI Commuter is committed to continuing to improve cyber security FOR4D in the application of information technology that makes it easier for people to use the Commuter Line and will thoroughly investigate this crime,” said Anne.

“For further steps, KAI Commuter will cooperate with the authorities to investigate this case,” he concluded.

Cyber ​​Attack Protection with Simas Cyber ​​Enterprise Insurance

Cyber ​​Attack Protection with Simas Cyber ​​Enterprise Insurance

Morrissey Technology – In today’s digital era, data is the most valuable asset for companies. We have learned enough from cases of data breaches, ransomware and other cyber attacks that have occurred recently. Without safe and protected data, company operations can be significantly disrupted. This not only has the potential to reduce revenue, but also directly harm customers.

In addition, the company’s reputation that has been built with great difficulty can be tarnished due to cyber attacks. Therefore, it is very important for companies to have a strict cybersecurity system.

In addition, the existence of regulations in Law Number 27 of 2022 concerning Personal Data Protection which requires companies to ensure data security and protection as well as the threat of sanctions in the form of administrative fines of up to 2% of annual revenue, further emphasizes the importance of strengthening company cyber security.

Cyber-security is like a fence that protects a house from thieves. However, even if you have installed a high fence, there is no guarantee that thieves cannot enter. Hackers could find loopholes and break into the system. Therefore, additional safety nets are needed to anticipate undesirable events.

PT Asuransi Sinar Mas understands that cyber crime will pose a risk of harming various business institutions in Indonesia. To anticipate this, Sinar Mas Insurance has prepared a liability insurance product, namely Simas Cyber ​​Enterprise FOR4D.

“Currently we see that cyber security has become the biggest challenge in the digital era. Protection of customer data is crucial. For this reason, Asuransi Sinar Mas has prepared Simas Cyber ​​Enterprise as protection in facing this risk,” said Director and Corporate Secretary of PT Asuransi Sinar Mas Dumasi M M Samosir, in a written statement, Tuesday (2/7/2024)

“We hope that by using this product, business sectors in Indonesia will get protection against cyber attacks in doing business,” he continued.

Simas Cyber ​​Enterprise provides guarantees for the costs of restoring electronic data affected by cyber attacks, business interruption compensation, Forensic IT services for investigating cyber attacks, threats of extortion by hackers to pay a sum of money to end a cyber attack and other guarantees.

“One of the advantages of our Simas Cyber ​​Enterprise is the fast acceptance process and effective claim settlement process,” explained Dumasi.

Simas Cyber ​​Enterprise can be used for protection for companies that have concerns about the data security of companies that manage customer personal data or store valuable digital assets on a large scale, such as financial institutions, banks, marketplaces and hospitals. Apart from corporations, Sinar Mas Insurance is also developing Cyber ​​Insurance products to be marketed to the individual segment.

Sinar Mas Insurance also provides a Simas Cyber ​​Enterprise FOR4D product consultation service which can be accessed via the following link. Apart from that, Sinar Mas Insurance is also committed to providing education so that the public has an understanding of information technology system security, cyber attacks and what can be done to minimize risks. Education will be carried out through social media and the website www.sinarmas.co.id.

Easy Ways to Search for Files on Windows Laptops and Desktops

Easy Ways to Search for Files on Windows Laptops and Desktops

Morrissey Technology – Searching for files on desktops and laptops will usually become more difficult, as the drive capacity used increases. Usually, file management is always ignored by PC users, because the majority of users only focus on the available storage space. New users will feel the impact when they need a file, which has not been used for a long time. However, there is actually a more effective and efficient way to search for these files. Here’s how to efficiently search for files on a Windows laptop, according to The Verge.

Windows file index

By default, Windows only indexes files in four areas of the PC: Documents, Pictures, Music, and Desktop folders, plus subfolders that branch off https://kepriprov.org/ of those folders. If the file is not in these folders, users can look for it elsewhere, by changing Windows search.

1. Open Settings then go to Privacy & security > Windows Search

2. Under Find my files, you will usually find the Classic search type has been selected automatically. By selecting Classic, the file search can be customized to the selected search location > Change to add the folder to the list of indexed locations by checking the appropriate box.

3. Or if you want it to be easier, users can select Enhanced so that all PCs are included in the query. However, Microsoft warns that this may affect CPU usage and battery life.

Still in the Privacy & security > Windows Search section, at the bottom of Can exclude certain folders from search, users can select folders that do not need to be included in data searches.

Excluding folders can also speed up the indexing and searching process. When the user has decided which folders he wants to index by Windows, the user can immediately search.

Finding Files in Windows

There is a search box or icon on the taskbar, just to the right of the Start menu button, that can be used to start a file search. Just type as many file names as the user can remember, and the results will appear as you type. If you want, users can also use the search box when opening the Start menu.

When you start typing, Windows will pop up a dialog showing the user what it considers the best match, and more matches below that. Users will find a series of tabs with various categories that can be used to narrow the search.

Depending on the search terms, Windows may prioritize results from the web and/or the Start menu before files, so users may need these additional filters. If all you want to access are recently installed applications or recently opened files, users Scatter Hitam don’t need to do any searching. Click the Start menu button on the taskbar, and under Recommended, there will be recently accessed apps and files.

Search in File Explorer

For further searches, users can use File Explorer and use the search box in the top right corner. Here are some tips:

  • Note the location in File Explorer, the search will be run on the folder being viewed, along with any subfolders. If you want to search all PCs, first click PC in the left navigation panel. Type the name of the file you are looking for in the search box and press Enter.
  • If you are unsure of the full file name, you can use asterisks as wildcards to represent any combination of characters. For example, searching for am* can produce files named “amstrad”, “america”, and “am8811!g”.
  • You can also use a question mark as a one-letter wildcard. For example, when searching for am?, it will give the user files named “amy”, “amd”, and “am3”.
  • Another trick is to add file extensions. searching with *.jpg, the user will get all the JPEG files in the folder and its subfolders.
  • Boolean operators are also supported. For example, use the words “samsung or google” to find files that include both words or “samsung not google” to get files that have the name Samsung but not Google.
  • If you want to further filter your search, look for Search Options at the top of the File Explorer window. Click to get a list of different search variables that can be used. For example, users can limit searches based on file size or when a file was last edited. There is also a File contents option, which can be used if you want Windows to search the file thoroughly for matches, but this takes more time.

Use third party applications

There are many third-party applications ready and willing to help with searches. Although the features offered are very similar to File Explorer, they are presented in a more intuitive way. The following is a file finder that users can use to search for data/files in Windows.

1. Agent Ransack, is a fast and sleek file finder for Windows, allowing users to search for file name matches and file contents simultaneously. Easy to select search locations and supports wildcards and Boolean operators.

2. Everything, the lightest and easiest file search tool for Windows that can also be run as a portable application directly from a USB drive. It has its own set of advanced features, including the option to match uppercase and lowercase letters in file names and being able to save searches for future use.

3. SearchMyFiles, a free search application that displays results very quickly and offers a convenient search options panel, where users can limit file matches based on file size, file date, and file attributes. It can even help users in searching for duplicate files.

4. PowerToys Run can provide a search experience similar to Spotlight on macOS. Press Alt + Space to bring up the search box in the middle of the screen, then type the name of the file you are looking for. Very useful for finding and opening certain files quickly.

https://knotraglobal.com/blogs/-/for4d/

https://dropdeadgorgeousrock.com/-/for4d/

McAfee's Anti-Spam

This is How McAfee’s Anti-Spam Feature Works

Morrissey TechnologyMcAfee launched its newest feature to protect users from cyber fraud using various modes. Even though there have been many appeals and education not to install applications carelessly, not everyone understands and is aware of the importance of protecting the data we have. Moreover, the people targeted by the perpetrators are usually people who are not aware of things like this.

One of them is the APK mode distributed via WhatsApp, which can threaten the bank accounts of victims who use mobile banking. For this reason, McAfee released a feature called Scam Protection.

By using this feature, it is hoped that the user’s important data will not be known by any party. This feature will provide a warning if there is a malicious application installed on the user’s cellphone.

Apart from that, this feature will analyze links in text messages, emails, or even on social media using the help of AI technology. There is also a Safe Browsing feature, which if activated, Scam Protection will block dangerous sites, thereby reducing the possibility of leaking user data.

How many hours a day do you spend on your cell phone? 5 Hours? 10 hours? Cell phones have become a part of everyday life. There is a saying that says a wallet can be left behind but it is impossible with a cell phone. However, unfortunately awareness of the importance of cellphone usability is not comparable to awareness of the importance of cellphone security. “That’s why McAfee is here as a leading security solution,” said Eddy Cahyono, CEO of Kharisma Inside Mandiri Sejahtera (KIMS).

KIMS is the sole distributor of McAfee Security products, and not only in Indonesia, but also in the Southeast Asia region.

https://aligarhlocks.in/wp-content/products/for4d-togel/

Google Gemini AI

Good News! Google Presents Gemini AI for School Children and Teachers

Morrissey TechnologyGoogle announced that it is bringing Gemini AI technology to students using their school accounts, also giving educators/teachers access to new tools from Gemini AI. Previously, Google had offered Gemini services to teenagers using their personal accounts.

Google says that giving teenagers access to Gemini can help prepare them the skills they need to thrive in a future with generative AI.

Google says Gemini will help students learn more confidently with real-time feedback. Google claims that it will not use data from chats with students to train and improve its AI models, and has taken steps to ensure that it brings this technology to students responsibly.

Gemini has guardrails that will prevent inappropriate responses, such as illegal substances or age-inappropriate substances, from appearing in the response. Gemini will also actively recommend teens use the proofreading feature to help them develop information literacy and critical thinking skills FOR4D.

Gemini will be available to teen students when using a Google Workspace for Education account in English in more than 100 countries. Gemini will be turned off by default for teens until an admin chooses to turn it on.

Apart from that, Google also announced that they were launching the Read Along in Classroom feature globally. This feature helps students build reading skills and get real-time support. Educators can assign reading activities to students based on their grade level or phonics skills.

They can then see insights into their students’ reading accuracy, speed, and comprehension. Google is also trialling the ability to generate personalized stories tailored to students’ needs.

Google makes it easy for educators to create, manage, and share interactive lessons. Additionally, educators also gain the ability to manually mark assignments as incomplete or completed, and perform grading actions in bulk.

https://www.opportunitycreator.com/-/for4d/

Artificial Intelligence

A Glance at the Trends in Artificial Intelligence (AI)

Morrissey Technology – Recently, Netflix released a new, futuristic film based on the story of artificial intelligence (AI) technology, entitled “Atlas”. This film shows the dark side of AI and also the possibility of collaboration and harmonization between humans and AI, through a technology called “neurolink”.

Atlas, a fictional character in the film, represents the current skepticism of much of humanity towards the development of artificial intelligence (AI) and its impact on real life and the future of humanity. Even though the technology in the film is actually all around us now, be it AI or neurolink, whose name and working principle are similar to the neuralink technology developed by Elon Musk.

Full name Elon Revee Musk, a well-known businessman and investor in the digital sector, born in 1971, recently received strong criticism from one of the expert scientists known as the GodFather AI, Yann Andree LeCun. According to Yann, as written on his X / Twitter account, Elon is too based on conspiracy theories and “exaggerates” when talking about AI development. According to Yann, the development of AI technology is (should) be based on research and scientific studies FOR4D.

Elon, via his X/Twitter account, has thrown back criticism by asking what contribution scientists like Yann have made to the development of AI today. Moreover, according to Elon, Yann is “just” an employee of a large corporation who must be ready to take orders. In fact, Yann, who is the Chief AI Scientist at Meta, is also a well-known Professor of Mathematics with dozens of scientific papers/technical papers that he has published, including about the development of AI technology which is now widely carried out in the world.

This debate is interesting, valid and relevant, illustrating how the point of view of a businessman and investor like Elon collides with that of a scientist and researcher like Yann. AI technology must be fully implemented by various parties, from both positive and negative sides in its development and use. Even today’s AI technology itself, because it is developing quickly and almost independently, is projected to one day be able to surpass human intelligence and control. How far have we prepared FOR4D.

AI and the Digital Divide

In the AI ​​for Good Global Summit Forum which was held in Geneva at the end of May 2024, it was stated that humanity today will not be able to avoid (the development of) AI technology. However, behind the discourse about all the goodness brought by this technology, all of us, also globally, continue to be haunted by risks and negative impacts that cannot yet be clearly measured.

Negotiations and debates are still hotly underway in countries in the Global North and Global South. One of the points is about how to develop AI ethically, of course by understanding the different conditions and ecosystems in each country.

Within the country itself, for example, amidst the big discourse on the development of artificial intelligence (AI) and the ethics of its use, Indonesia is still faced with conditions of digital infrastructure/access gaps, unequal digital literacy skills in each region and the shadow of worry about job losses due to replacement. by AI technology.

This can also be seen in the reality of urban and rural disparities. Urban areas are considered to have more opportunities to be able to keep up with AI developments better than rural areas in Indonesia.

Of course, one of the reasons is because the forums available to discuss AI issues take place more in urban areas than rural areas, as well as the intensive use of AI in various health, financial and educational services in a number of big cities.

AI and Cybercrime

AI is indeed able to present a new style of learning and working that is more effective and productive with superior results for its users in creative and positive ways. But on the other hand, AI can also “facilitate” similar things for criminals.

Returning to the film “Atlas” which was mentioned at the beginning of this article, there is a figure called “Harlan”, an AI technology with terrorist abilities and attitudes that threaten human security. It may still seem futuristic, but crimes based on AI technology are already widespread around us.

In mid-2023, for example, WormGPT, an AI-based malware, will be able to generate and spread malicious code automatically. This certainly shocked the cybersecurity world and served as a reminder that AI technology has the potential to be misused. At least, here are some crimes that use AI technology, as quoted from Technology Review.

1. Spread of Phishing

Phishing is the biggest cyber crime that is “assisted” by AI. Phishing criminals are now using AI technology to further perfect their criminal tricks. Spam generating services, such as GoMail Pro, for example, have integrated ChatGPT into their services to make it easier for criminals to interpret their fraud and send it to victims.

2. Deepfake Fraud

AI technology now allows cybercriminals to fabricate sounds, images and videos so that they appear very similar to the real thing. In an MIT Technology review of AI-based cybercrime, it was found that many platforms openly sell deepfake services at a relatively cheap price of around 160,000 per image. In Hong Kong, a finance worker at a multinational company was tricked into paying US$25 million (Rp. 392.97 billion) to a fraudster who used deepfake technology by posing as the company’s chief financial officer.

3. Jailbreak Service

This service allows criminals to manipulate AI systems. For example, writing code to create ransomware. Some AI companies, such as OpenAI and Google, have routinely installed security systems to prevent this from happening.

4. Doxxing and Spying (without rights)

AI is not only used for phishing, but is also a tool that is widely used for doxxing, for example to identify someone’s personal information online. This is because the AI ​​system is trained to retrieve data quickly from the internet, including personal data. Several researchers found that some AI technologies are capable of analyzing sensitive information such as ethnicity, a person’s location and a person’s occupation.

5. Hoax / Disinformation

AI can be used to produce highly realistic and convincing propaganda and disinformation content. This content can then be shared on social media and other online platforms to manipulate public opinion, spread hatred, or disrupt the democratic process.

6. Harassment Behavior

AI can be used to harass individuals online. AI can be used to analyze social media and other online activity to gather information about victims, and then use that information to send harassing or threatening messages. AI is also used to manipulate photos and videos of victims.

AI and Human Kindness

Not only is it a source of fear, AI is also being developed for the good of humanity. In the film “Atlas”, it is told that ultimately AI technology was used for good for the good of humanity. Apart from AI in the film Atlas, the development of AI-based technology for good is currently also being carried out in the fields of agriculture, fisheries, health, education and AI-based security.

For example, the development of AI to detect breast cancer by Google Health in collaboration with several hospitals in the UK. In Indonesia, BRIN is also developing innovative AI-based technology, including: SADEWA for weather prediction, SEMAR for fisheries and extreme weather at sea, SRIKANDI for air quality related to the health and environmental sectors, SANTANU for rain monitoring, JATAYU for aviation weather, SRIRAMA for climate change, KAMAJAYA FOR4D for the start of the season related to agriculture, INDRA for water resources and GATOTKACA for monitoring humidity or water vapor over Indonesian territory.

So, if we return to the excerpt from the debate between Elon and Yann above, it can be said that AI technology is not something that can or should be seen from just one point of view. There is a need to involve multiple stakeholders, namely government, academics, civil society, the private sector and the technical community, to ensure that the development and use of AI technology can be carried out ethically, safely and responsibly.

Each stakeholder will have varying points of view and may differ in negotiating the positives vs. negatives of AI technology. However, if we believe that differences in negotiations are a blessing, then AI will certainly be able to bring full benefits.

https://www.impulseintl.com/-/for4d/

Malware in Chrome Web Store

Watch out! Lots of Malware in Chrome Web Store

Morrissey Technology – Google may claim that less than 1% of extension installations from the Chrome Web Store contain malware. However, other security researchers have different data. For your information, currently the Chrome Web Store contains more than 250 thousand extensions — a kind of additional application for the Chrome browser. Google boasts that its security team has succeeded in reducing the number of extensions containing malware from the Web Store.

“Just like other software, extensions can also contain risks,” said Google’s cybersecurity team.

However, other data emerged from a Stanford University security research team, consisting of Sheryl Hsu, Manda Tran, and Aurore Fass, who collaborated with the CISPA Helmholtz Center for Information Security.

They researched the Security-Noteworthy Extension (SNE) in the Web Store, and this SNE is an extension that is categorized as malware, violates Chrome Web Store rules, or an extension that has security holes.

During July 2024 to February 2023, there were 346 million users who installed extensions in the SNE category FOR4D. 63 million of them violated Web Store rules, and three million had security holes, meaning extensions containing malware were installed 280 million times.

In fact, in that time period there were only 125 thousand extensions available in the Chrome Web Store. The trio of researchers also found that Chrome extensions that are safe and do not contain malware usually don’t last long, only 51.8 to 62.9% survive after one year. Meanwhile, extensions that fall into the SNE category can actually last for an average of 380 days, and can even reach 1,248 days if they only contain security holes.

The SNE that lasted the longest in the Chrome Web Store was TeleApp, which lasted for 8.5 years and was last updated on December 13, 2013. When it was discovered to contain malware on June 14, 2022, this extension was removed. What’s worse, the application or extension rating doesn’t help much to find out the presence of malware in this SNE case.

“Overall, users never give SNE a low rating, which may be because users may not realize that this extension is dangerous. There is also the possibility that there are bots that give fake reviews and give high ratings to the extension,” wrote the research team in his paper.

https://knowyouridol.com/-/for4d/

https://stirringthefire.com/-/for4d/