-
Web browser security tutorial: Safari, IE, Firefox browser protection
Newly updated: This Web browser security tutorial identifies the inherent flaws of Internet Explorer and Mozilla Firefox, introduces viable Web browser alternatives and provides tools and tactics to maximize your Web browsing security and browser pro... Learning Guide
-
Spyware Protection and Removal Tutorial
This free spyware protection and removal tutorial is a compilation of free resources that explain what spyware is, how it attacks and most importantly what you can to do to win the war on spyware. Learning Guide
-
State-based attacks: Session management
In this excerpt from Chapter 4 of "How to Break Web Software: Functional and Security Testing of Web Applications and Web Services," authors Mike Andrews and James A. Whittaker identify session management techniques Web developers should use to prote... Book Chapter
-
Firefox security
What if Firefox was as big a target as Internet Explorer? Would it still be the more secure option? Confessed Microsoft enthusiast Brien Posey examines the reality of Firefox's more secure reputation. Opinion
-
SearchSecurity.com's top clicks of 2005
SearchSecurity.com's top five tips, news articles and learning tools from 2005. Top clicks of 2005
-
Gaining access using application and operating system attacks
In this excerpt from Chapter 7 of Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, Second Edition, authors Ed Skoudis and Tom Liston explain how security professionals can use exploit frameworks to their advanta... Book Chapter
-
Web Security School Lesson 3
In Lesson 3 of Web Security School, Michael Cobb teaches you how to plan and implement Web directory structures and permissions, and manage secure Web development. Also, a primer on secure coding and data management, and procedures for combating Web ... Security School
-
Is spyware getting the best of you?
With spyware present in the majority of corporate PCs, chances are good that it's rampant in your systems. Find out how much you know about beating spyware with this quiz. Security Quiz
-
Test drive: Firefox enhancements make IE look like an 'artifact'
Our reviewer takes Firefox 1.0.1 for a spin. Review
-
Adobe issues support for Flash Player sandboxing in Firefox
Adobe has launched the pubic beta of a new Flash Player sandbox feature for Firefox users, making attacks more difficult for cybercriminals. News | 06 Feb 2012
-
Phoenix Exploit Kit responsible for mass WordPress compromises
Security firm M86 Security has discovered hundreds of WordPress websites compromised by Phoenix. News | 30 Jan 2012
-
Fake Firefox update delivers malware, exploit kits
Malicious webpages masquerading as browser updates are being used by attackers as launch pads for Trojan viruses and exploit kits. News | 27 Jan 2012
-
Time to ban dangerous apps? Exploring third-party app security
Column: Third-party applications are notoriously hard to patch and often easy to exploit. Is it time to ban applications, or can they be secured with a new approach? News | 27 Jan 2012
-
Twitter acquires Dasient in security buying spree, Android platform focus
Web-based antimalware vendor Dasient is the second security firm acquired by Twitter in recent months. In November, Twitter acquired Android security vendor, Whisper Systems. News | 24 Jan 2012
-
Black Hole kit fuels drive-by attacks, rogue antivirus declines, Sophos finds
The Black Hole crimeware kit has caused drive-by attacks to surge, according to the Sophos 2012 threat report. News | 24 Jan 2012
-
Adobe repairs critical Reader, Acrobat flaws, adds JavaScript control
The January 2012 update includes repairs to Adobe Reader X and a new feature giving administrators the ability to whitelist JavaScript execution. News | 10 Jan 2012
-
HTML 5 security issues pose challenges for enterprises, experts say
While the Adobe Flash replacement packages browser data more efficiently, HTML 5 security issues present holes that could be targeted by attackers. News | 30 Nov 2011
-
DigiNotar CA breach widens, Microsoft, Dutch government take action
A report prepared by the IT security firm conducting an audit of the DigiNotar network, found serious lapses in security and more than two dozen compromised CA servers. News | 06 Sep 2011
-
New Java 7 features improve security
New features in Java 7 aim at bolstering security by switching off weaker encryption schemes. News | 06 Sep 2011
- See More: News on Web Browser Security
-
Addressing the dangers of JavaScript in the enterprise
The dangers of JavaScript are no secret to security professionals. Expert Michael Cobb discusses enterprise JavaScript defense technology and tactics. Tip
-
Is private browsing really private? Identifying Web browser risk
Private browsing may offer users a false sense of security when surfing the Web. In this expert tip, learn how private browsing really works, and how to mitigate its risks. Tip
-
Assessing Internet Explorer 9 security: Safest browser ever?
Research shows Internet Explorer 9 security identifies as much as 99% of potential malware. So is IE9 now the safest browser out there? Michael Cobb answers that question in this expert tip. Tip
-
Secure browsing: Free plug-in lessens social networking security risks
Looking for ways to improve employees' browsing security? Learn about the free SecureBrowsing plug-in from M86 Security that can lessen social networking security risks. Tip
-
Evaluating tools for online bank security
Criminals are hijacking online bank accounts with sophisticated bank Trojans but a variety of technologies promise online bank security. In this tip, Dave Shackleford examines the pros and cons of tools designed to thwart online banking fraud. Tip
-
Operation Aurora: Tips for thwarting zero-day attacks, unknown malware
In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to simila... Tip
-
Should you disable IE ESC, or manage it in Windows servers?
Internet Explorer Enhanced Security Configuration (IE ESC) locks down IE on Windows servers, but admins often disable it. Tip
-
IE 8 beta 2 security features may mark improvements for browser security
Despite Microsoft's previous best efforts to build a more secure browser, some users may have been discouraged with Internet Explorer 7. That may change now with the beta release of IE 8. Michael Cobb explores the latest browser's security features a... Tip
-
Preparing for uniform resource identifier (URI) exploits
URIs have always been a user-friendly way to recognize and access Web resources. By crafting malicious URLs and manipulating protocol handlers, however, attackers have devised new attacks that take advantage of the URI's locator functionality. Web se... Tip
-
Scaling back Web browser security expectations
Some say the state of Web browser security is in peril because browsers often fail to act as a first line of defense against malware. Does that mean there's a browser architecture crisis? Web security expert Michael Cobb says Web browser security cou... Tip
- See More: Tips on Web Browser Security
-
Explaining how trusted SSL certificates and forged SSL certificates work
Web security relies on valid, trusted SSL certificates, but as Michael Cobb explains, forged SSL certificates undermine the model for trusted Web connections. Answer
-
Dangerous applications: Time to ban Internet Explorer, Adobe in the enterprise?
CSIS says five dangerous applications are to blame for 99% of malware. Is it time to ban Internet Explorer, Flash and the others in the enterprise? Answer
-
Do WebKit exploits escalate risk of Web browser attacks?
The WebKit framework suffers from several vulnerabilities that can be exploited to conduct Web browser attacks. Expert Michael Cobb discusses the risk. Answer
-
Securing IE with plug-ins Google Chrome Frame and IETab
Web browser plug-ins can bolster IE security for legacy apps that have to run on outdated versions of Internet Explorer. Answer
-
Assessing Google Chrome extension flaws and Chromebook security
Learn how flaws in the Google Chrome extensions affect the Chromebook security and the role they play in a risk assessment. Answer
-
NoScript addon: A valuable addition to your antimalware toolkit
Browser plug-ins like the NoScript add-on can help prevent malware infections when configured correctly. Expert Nick Lewis explains. Answer
-
Firefox versus IE: Which is the most secure Web browser?
Those organizations that haven’t upgraded to IE9 may consider Firefox a viable option. But is it a more secure Web browser? Michael Cobb has the answer. Answer
-
Firefox 4 vs. Firefox 5: The risks of delaying an upgrade
Given the rapid release of new versions of Firefox, is it worth upgrading to Firefox 5 or should you wait? Expert Michael Cobb offers guidance. Answer
-
Managing toolbars and other third-party browser extensions
Third-party browser extensions like toolbars can jeopardize client security. Expert Michael Cobb discusses what can be done to manage these risks. Answer
-
Browser plug-ins for search engine poisoning protection
Learn about browser plug-ins that can help protect end users from malware delivered via search engine poisoning. Answer
- See More: Expert Advice on Web Browser Security
-
honey monkey
A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system express... Word
-
JavaScript hijacking
JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued) Word
-
cache poisoning (domain name system poisoning or DNS cache poisoning)
Word
-
browser hijacker (hijackware)
Word
-
cache cramming
Word
-
NCSA
Word
-
Gartner’s Neil MacDonald on IE9 security, Apple security issues
In this video, Gartner’s Neil MacDonald discusses patch management, IE9 security, his Windows 8 security wish list and protecting Apple computers. Video
-
Noted cryptographer on SSL, encryption and cloud computing
Cryptographer, Taher Elgamal of Axway Inc., the inventor and initial driving force behind SSL, explains how applications may be better adapted to defend against attacks. Video
-
Mozilla security chief on Firefox improvements
Mozilla's "human shield" Johnathan Nightingale discusses Firefox browser privacy and security issues at the recent Black Hat briefings in Las Vegas. Video
-
Top five ways to keep users safe from today's Web-based threats
42% of security professionals surveyed by SearchSecurity.com said they'll be spending more time on threat management in 2008 than they did in 2007. This Podcast details the top five ways to defend against today's Web-based threats and discusses how t... Podcast
-
Adobe issues support for Flash Player sandboxing in Firefox
Adobe has launched the pubic beta of a new Flash Player sandbox feature for Firefox users, making attacks more difficult for cybercriminals. News
-
Phoenix Exploit Kit responsible for mass WordPress compromises
Security firm M86 Security has discovered hundreds of WordPress websites compromised by Phoenix. News
-
Fake Firefox update delivers malware, exploit kits
Malicious webpages masquerading as browser updates are being used by attackers as launch pads for Trojan viruses and exploit kits. News
-
Time to ban dangerous apps? Exploring third-party app security
Column: Third-party applications are notoriously hard to patch and often easy to exploit. Is it time to ban applications, or can they be secured with a new approach? News
-
Explaining how trusted SSL certificates and forged SSL certificates work
Web security relies on valid, trusted SSL certificates, but as Michael Cobb explains, forged SSL certificates undermine the model for trusted Web connections. Answer
-
Dangerous applications: Time to ban Internet Explorer, Adobe in the enterprise?
CSIS says five dangerous applications are to blame for 99% of malware. Is it time to ban Internet Explorer, Flash and the others in the enterprise? Answer
-
Twitter acquires Dasient in security buying spree, Android platform focus
Web-based antimalware vendor Dasient is the second security firm acquired by Twitter in recent months. In November, Twitter acquired Android security vendor, Whisper Systems. News
-
Black Hole kit fuels drive-by attacks, rogue antivirus declines, Sophos finds
The Black Hole crimeware kit has caused drive-by attacks to surge, according to the Sophos 2012 threat report. News
-
Adobe repairs critical Reader, Acrobat flaws, adds JavaScript control
The January 2012 update includes repairs to Adobe Reader X and a new feature giving administrators the ability to whitelist JavaScript execution. News
-
Do WebKit exploits escalate risk of Web browser attacks?
The WebKit framework suffers from several vulnerabilities that can be exploited to conduct Web browser attacks. Expert Michael Cobb discusses the risk. Answer
- See More: All on Web Browser Security
About Web Browser Security
This resource center provides news, expert advice, and learning tools regarding browser security including flaws, threats, problems, errors and vulnerabilities and offers solutions for patching and fixing them. This section covers Internet Explorer, Firefox, Opera, Safari, Google Chrome and more.