Google proposed putting restrictions on this API but has relaxed these somewhat in the new version of Manifest V3. It originally planned to allow browser extensions to make 5,000 content-filtering “rules,” but it has now increased this to 30,000 rules. AdGuard, an ad blocker, has tentatively welcomed some of the revised changes. Elsewhere, uBlock Origin, which uses around 300,000 filtering rules, has created a “lite” version of its extension in response to Manifest V3. The developer behind uBlock Origin says the lite version is not as “capable” as the full version. Meanwhile, browser makers Brave and Firefox say they are introducing work-arounds to stop ad blockers from being impacted by the changes.
Supply chain attacks, where malware is implanted in a company’s legitimate software and spread to the firm’s customers, can be incredibly hard to detect and can cause billions of dollars in damage if they’re successful. Hackers for North Korea are increasingly adopting the sophisticated attack method.
This week Microsoft revealed it has discovered the hermit kingdom’s hackers implanting malicious code inside an installer file for photo and video editing software CyberLink. The installer file used legitimate code from CyberLink and was hosted on the company’s servers, obscuring the malicious file it contained. Once installed, Microsoft said, the malicious file would deploy a second payload. More than 100 devices have been impacted by the attack, Microsoft says, and it has attributed the attack to the North Korea-based Diamond Sleet hacking group.
After details of the attack were revealed, the UK’s National Cyber Security Centre and the Republic of Korea’s National Intelligence Service issued a warning saying that North Korea’s supply chain attacks are “growing in sophistication and volume.” The two bodies say the tactics support North Korea’s wider priorities, such as stealing money to help fund its ailing economy and nuclear programs, espionage, and stealing tech secrets.
Some flights have had to change course or lost satellite signals in midair due to electronic warfare, The New York Times reported this week. The ongoing conflicts in Ukraine and Gaza have seen GPS jamming and spoofing technologies interfere with the daily operation of flights in and around the areas. The incidents, so far, have not been dangerous. But they highlight the increase in electronic warfare capabilities—which seek to interrupt or disrupt the technologies used for communications and infrastructure—and how the technology needed to launch them is getting cheaper. Since Russia’s full-scale invasion of Ukraine in February 2022, electronic warfare tactics have become increasingly common on both sides, as drones being used for surveillance and reconnaissance have had their signals interrupted and rockets have been sent off course.
Gamaredon is one of Russia’s most brazen hacking groups—the hackers have consistently attacked Ukrainian systems. Now one piece of its malware, a worm that spreads via USB stick and is dubbed LitterDrifter, has spread internationally. The worm has been spotted in the US, Hong Kong, Germany, Poland, and Vietnam, according to researchers at security firm Check Point. The company’s researchers say the worm includes two elements: a spreading module and a second module that also communicates with Gamaredon’s servers. “It’s clear that LitterDrifter was designed to support a large-scale collection operation,” the Check Point researchers write, adding that it’s likely the worm has “spread beyond its intended targets.”