Web Browser Security
- January 25, 2017
A critical Cisco WebEx vulnerability in the service's browser extensions was discovered and patched, though some disagree the patch goes far enough to protect against attack.
- December 16, 2016
Microsoft followed Google's lead in promising to block Flash Player content by default in some situations and experts say the moves should expedite the death of Flash.
- December 16, 2016
News roundup: A report finds nearly half the internet is filled with vulnerable websites. Plus, SWIFT confirms more hacks, Amit Yoran steps down from RSA and more.
- December 14, 2016
A new Certificate Transparency Monitoring tool from Facebook may help webmasters track and vet TLS certificates, as well as improve integrity and security for HTTPS traffic.
- December 07, 2016
A malvertising campaign could put millions at risk of attack as the Stegano exploit kit is being delivered by this new method and is targeting unpatched systems.
- November 21, 2016
As the internet prepares for deprecation of the obsolete secure hashing algorithm, Google and other browser companies prepare to drop support for SHA-1 certificates.
- October 31, 2016
Certificate transparency compliance will be mandatory for publicly trusted website certificates in order to be considered secure by Google's Chrome browser.
- October 28, 2016
Mozilla boots WoSign as a trusted certificate authority for backdating SHA-1 certs and other controversial behavior, and it prepares to add default support for TLS 1.3 in 2017.
- October 21, 2016
Roundup: Firefox browser will reject SHA-1 certificates as soon as Mozilla announces further details relating to the deprecation of the outdated algorithm; plus, Oracle patches and more.
- October 14, 2016
Attempting to tidy its root certificates, a mis-issued GlobalSign certificate revocation list left website owners scrambling to address cert errors, restore safe browsing icons.
- September 09, 2016
Google's campaign to encrypt the web continues, as Chrome browser security will flag any sites using HTTP for passwords or payment info as insecure, starting in 2017.
- August 09, 2016
Microsoft's August 2016 Patch Tuesday focuses on critical browser vulnerabilities in Edge and Internet Explorer, as well as flaws with Microsoft Office and PDF Library.
- May 13, 2016
A court filing is asking the FBI for responsible disclosure of the Tor vulnerability used to exploit the Tor browser and de-anonymize users during a criminal investigation.
- January 28, 2016
Oracle announced plans to deprecate the Java browser plug-in, a noted attack vector, though the choice was not entirely its own.
- January 08, 2016
Internet Explorer end of life is on the way for three versions of Microsoft's Web browser, and enterprises need to understand which versions of Windows will still be supported.