Bug in Google Breaking Search Result Links




Discovered by a Twitter account of the site wellness-heaven.de , there exists a bug in Google Search known to break the search results when utilizing Safari in macOS if the connection contains a plus symbol.


First observed on around September 28th, when there was critical drop in the site's activity from Safari users.For example, on the off chance that you search for a specific keyword and one of the search results contains a plus symbol, similar to https://forums.developer.apple.com/search.jspa?q=crash+app+store&view=content,
then when you tap on the connection it won't do anything.

At the point when the issue was accounted for to John Mu, a webmaster trends analyst at Google, he answered back that it was undoubtedly unusual and that he would pass on the bug report.

The BleepingComputer could affirm this bug utilizing the search results for Apple found on Safari in macOS Sierra. They have likewise reached out to Google as well for more comments in regards to this bug, however did not heard back.

This bug is likewise influencing Firefox 61.0.1 in macOS, however seems, by all accounts to be working fine with Chrome 69.


Anyway, it is recommended for the users who may have seen a plunge in traffic beginning around September 28, to check their analytics software to decide whether this is originating from Safari users being unable to click on their links.


New Malware Variant Designed To Swindle Financial Data from Google Chrome and Firefox Browsers



Researchers have as of late discovered Vega Stealer a malware that is said to have been created in order to harvest financial information from the saved credentials of Google Chrome and Mozilla Firefox browsers.

At present,  the Vega Stealer is just being utilized as a part of small phishing campaigns, however researchers believe that the malware can possibly bring about major hierarchical level attacks as it is just another variation of August Stealer crypto-malware that steals credentials, sensitive documents, cryptocurrency wallets, and different subtle elements put away in the two browsers.

On May 8 this year, the researchers observed and obstructed a low-volume email campaign with subjects, for example, 'Online store developer required'. The email comes with an attachment called 'brief.doc', which contains noxious macros that download the Vega Stealer payload.

The Vega Stealer ransomware supposedly focuses on those in the marketing, advertising, public relations, and retail/ manufacturing industries. Once the document is downloaded and opened, a two-step download process begins.

The report said "...The first request executed by the document retrieves an obfuscated JScript/PowerShell script. The execution of the resulting PowerShell script creates the second request, which in turn downloads the executable payload of Vega Stealer, the payload is then saved to the victim machine in the user's "Music" directory with a filename of 'ljoyoxu.pkzip' and once this file is downloaded and saved, and it is executed automatically via the command line."

At the point when the Firefox browser is in utilization, the malware assembles particular documents having different passwords and keys, for example, "key3.db" "key4.db", "logins.json", and "cookies.sqlite".

Other than this, the malware likewise takes a screenshot of the infected machine and scans for any records on the framework finishing off with .doc, .docx, .txt, .rtf, .xls, .xlsx, or .pdf for exfiltration.
While the researchers couldn't ascribe Vega Stealer to any particular group, regardless they guarantee that the document macro and URLs associated with the crusade propose that a similar threat actor is responsible for campaigns spreading financial malware.

So as to be protected, Ankush Johar, Director at Infosec Ventures, in a press statement said that "...Organisations should take cyber awareness seriously and make sure that they train their consumers and employees with what malicious hackers can do and how to stay safe from these attacks. One compromised system is sufficient to jeopardize the security of the entire network connected with that system."

Because while Vega Stealer isn't the most complex malware in use today, but it does demonstrates the adaptability and flexibility of malware, authors, and actors to accomplish criminal objectives.