Beware: ExpressVPN finds location trackers in 450 apps with billions of downloadsBest VPN services of 2021Best Chromebook in 2021
North Korean hackers
While Google has yet to specifically provide details, CVE-2021-21148 was reported on January 24 by Mattias Buelens, a day after Google’s Threat Analysis Group (TAG) and Microsoft reported North Korean hackers launched an attack against the cyber-security community (via The Hacker News). The purpose of the hacker attack is reportedly to install a backdoor on Windows, and it was done by North Korean hackers luring security researchers to visit a fake research blog. Microsoft had reported (opens in new tab) on January 28 that this was most likely due to the Chrome zero-day bug CVE-2021-21148. A zero-day vulnerability is a term used when a computer software vulnerability, usually bugs or malware, is unknown to those who would be trying to fix it. This makes it very dangerous as it lets hackers rampage while security groups are none the wiser. The events all seem to lead to Google’s new Chrome update, so it goes without saying that it’s best to update the browser as soon as possible. Google has also stated it won’t fully release details “if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.” Those looking for extra privacy and protection when online should look into subscribing to one of the best VPN services.