Microsoft Edge Wants Your Chrome Data; Windows Machines Targeted with Zip File Malware; Amazon Announces New Discount Store; Microsoft Fixes Dozens of Security Flaws… and more!
Every day, we scan the tech world for interesting news, sometimes from outside the tech world. Every Thursday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s ‘Thursday Newsbytes’ informative and interesting!
Microsoft Edge wants your Chrome data and is sneakily trying to get it
A new pop-up uses dark patterns to get you to migrate browser data over to Edge.
Google Chrome remains the biggest and baddest browser around, and Microsoft has been struggling to claw out more market share in the browser space with its Chromium-based Edge.
That’s why the company has attempted several underhanded tactics over the years, like forcing links to open in Edge and ignoring user settings for default browsers. And earlier this year, Edge was caught “stealing” tabs from Chrome, purportedly due to a data import bug.
Well, it seems Microsoft is up to no good again, this time with an Edge update that causes the browser to automatically start up with the PC and prompt the user to import data from other browsers.
As reported by The Verge, this pop-up has a checked-by-default option to “bring over your data from other browsers regularly,” which includes open tabs, browsing history, bookmarks, and more…
Windows machines are being targeted with ZIP file workaround
There is a way to merge multiple ZIP files into one and thus hide malware
Hackers are using ZIP file concatenation to bypass security solutions and infect their targets with malware through email messages, experts have warned.
A report from cybersecurity researchers Perception Point outline how they recently observed one such campaign while analyzing a phishing attack.
ZIP file concatenation is a type of attack in which multiple ZIP files are merged into one, in order to trick the archiver programs and antivirus solutions.
Mitigating the problemAs Perception Point explains, the crooks would create two (or more) ZIP archives – one completely benign, maybe holding a clean .PDF file, or something similar, and one carrying the malware. Then, they would append the ZIP files into a single file which, while being shown as one file, contains multiple central directories pointing to different sets of file entries.
Different archivers, such as Winzip, WinRaR, 7zip, and others, handle these types of files differently, allowing crooks to move past cybersecurity solutions…
Amazon debuts discount store with everything under $20 to take on Temu and Shein
Amazon has rolled out a new storefront featuring apparel, home goods, electronics and other items priced below $20, to fend off growing competition from discount upstarts Temu and Shein.
Called “Amazon Haul,” the storefront is accessible through the company’s mobile app, and promises “crazy low prices” on a plethora of goods. Shoppers can buy $1 eyelash curlers and oven gloves, or a $3 nail dryer. The company is offering free shipping on orders over $25, or a $3.99 shipping fee on orders below that threshold.
An Amazon spokesperson pointed to a company blog post announcing the storefront. The company noted that it screens the products offered through Haul to make sure they’re safe, authentic and comply with regulatory requirements….
Microsoft fixes dozens of security flaws in Windows and Office
Close to a hundred issues have been addressed in November’s Patch Tuesday, including six zero-day vulnerabilities in Windows.
November’s Patch Tuesday has finally come, and with it Microsoft has eliminated 89 security vulnerabilities across Windows and other Microsoft apps and services. Four of those vulnerabilities are classified as “critical” and all but one of the remaining vulnerabilities are “high risk.”
According to Microsoft, two Windows vulnerabilities were already being exploited in the wild, with a total of six zero-day security flaws fixed in this patch. As of now, even without December, 2024 is already the year with the second most vulnerabilities patched.
Microsoft doesn’t offer any details on these vulnerabilities in the Security Update Guide, but fortunately Dustin Childs covers it all in a much clearer way on the Zero Day Initiative blog,
On top of all this, Microsoft has released a new version of the Windows Malicious Software Removal Tool, which you can use to find malware threats on your system and reverse any damage they’ve caused.
Microsoft’s president has a warning about China
Despite a yearslong effort to curb China’s technological advances, a top Microsoft (MSFT) executive is warning that the country is not as far behind as the West might think.
Microsoft president Brad Smith said in an interview with CNBC (CMCSA) that “in many ways, China is close to, or is even catching up,” with the West.
“I think one of the dangers, frankly, is that people who don’t go to China too often assume that they’re behind,” Smith said at the Web Summit tech conference in Lisbon, Portugal. “But when you go there, you’re impressed by how much they’re doing.”
Asked about U.S.-China trade and technology transfers amid the transition from President Joe Biden to President-elect Donald Trump, Smith said it was too early to assess the impact.
As a U.S.-based company, Microsoft “can do business in China only when we are offering a service that the Chinese government wants to have there, and the U.S. government wants us to bring there,” Smith said…
Thanks for reading this week’s Thursday Newbytes. We hope these articles were informative, interesting, fun, and helpful. Darcy & TC
