Google Chrome user have been warned to update their browsers immediately and to use a hidden feature to combat the hacking.
Bugs that leave devices open to hacking are pretty common, developers send out updates for their software when these are spotted and patches are applied.
Google’s ‘Remember This Password’ Feature keeps you safe from most of these attacks
What is most concerning is that this threat has been given and ‘Zero-Day’ rating by Google’s cyber team. This means that the bug is most likely known to hackers and criminals already.
DO NOT IGNORE THIS WARNING – Here’s why
What is a Zero-Day threat?
“Zero-day” is a broad term that describes recently discovered security vulnerabilities that hackers can use to attack systems. The term “zero-day” refers to the fact that the vendor or developer has only just learned of the flaw – which means they have “zero days” to fix it. A zero-day attack takes place when hackers exploit the flaw before developers have a chance to address it. -Kaspersky
What does Google’s warning mean?
Google Chrome’s update has fixed eight issues with two of them rated High-Risk and is aware of the exploits, codenamed CVE-2021-38000 and CVE-2021-38003.
These issues have now been patched, but only if Chrome users update their browsers.
To update your Chrome browser, click the 3 vertical dots at the top right of the browser window, Select ‘Help’ (Near the bottom of the menu), Click ‘About Google Chrome’. A new window will open and you will see the update section at the top of the page.
Google have said: “The Stable channel has been updated to 95.0.4638.69 for Windows, Mac and Linux which will roll out over the coming days/weeks. We would like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.”
Keeping safe from hackers?
The best practice to protect your pc from hacking attacks is to use a strong, unique password for all of your accounts.
Combinations of compromised passwords have been leaked online already. This means that your password has been in a data leek and usernames are unsafe, Google has confirmed.
Google offer a ‘Password Checkup’ which you can find by logging into your Google account.
Google have also said: “We’ll ask you to change your Google Account password if it might be unsafe, even if you don’t use Password Checkup.”
Think you’ve been hacked?
If you think your Google or any google products or services have been hacked, follow these steps to spot suspicious activity, access your account and make it secure.
If you can’t sign in, then go to the account recovery page and answer the questions there as best as you can.
Review your account activity
- To do this, first go to your Google account
- Select Security on the left navigation panel
- Then on the Recent security events panel select Review Security events and check for any suspicious activity:
- If you find activity that didn’t come from you, select No, it wasn’t me. Then, follow the steps on the screen to help secure your account.
- If you did the activity, select Yes. If you still believe someone else is using your account, find out if your account has been hacked.
Secure your account further by using MFA or 2FA
Multifactor Authentication is the use of a secondary device to permit the login. It can be a phone call, text message or an app, such as Google Authenticator.
Get used to this as this is being rolled out more and more as a requirement to set up an account.
Read more about Microsoft’s plans with Multifactor authentication on a previous News Hub post here