cR0w on Nostr: I don't know who ( else ) needs to hear this ( again ), but if you are not deploying ...
I don't know who ( else ) needs to hear this ( again ), but if you are not deploying in-browser ad blockers to your users, you are explicitly accepting the risk of a threat actor paying a large, greedy corporation to execute malicious code in your users' browsers.
Ad blockers are a security control. Your browser patching and EDR / XDR systems are only so effective.
Yes, this is because of offline discussions regarding the recent run of Chromium 0days.
Published at
2024-05-29 15:48:59Event JSON
{
"id": "72821344c0bffe3a6b110bdc0be56f5c11f3ba02c4c474116e8175985f31979f",
"pubkey": "14609e2d429cc6b47de05d41a9840716e4d2e0bec59e8bbf79ad79dd7c5def64",
"created_at": 1716997739,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/cR0w/statuses/112525163834018788",
"activitypub"
]
],
"content": "I don't know who ( else ) needs to hear this ( again ), but if you are not deploying in-browser ad blockers to your users, you are explicitly accepting the risk of a threat actor paying a large, greedy corporation to execute malicious code in your users' browsers.\n\nAd blockers are a security control. Your browser patching and EDR / XDR systems are only so effective.\n\nYes, this is because of offline discussions regarding the recent run of Chromium 0days.",
"sig": "75b627ae4e84b67f2f249fbcd39bdd4d180b0b83246f1b8476fe43600909f51c00be279c9ad1819fc51aee68239e81a32ce7a4d307696b30e379a9fe0419bb1a"
}
