Silvano Rebai - Fotolia
Due to the volume of commerce on the internet that has evolved into a complex system that depends on advertising to support systems, numerous privacy challenges have arisen, as well as malicious ads.
With endpoint software and security tools attempting to address malvertising, such as with pop-up and ad blockers, the chance a user will be impacted by malvertising has been reduced, but it cannot be eliminated. In order to positively influence privacy on the internet, Firefox is changing its approach to force many websites and third-party advertisers to change how they operate, which may also help address malvertising.
The privacy aspects of cross-site tracking -- the collection of web browser data across multiple sites using scripts, widgets or images and then using that data to create a profile about a person -- are particularly troublesome. However, there are security aspects from websites that include third-party website content. Some enterprises may review all third-party content before it is included on their websites, and rigorous security assessments on any third party can be performed, though this requires significant effort and might not be done for all content.
Mozilla's announcement that cross-site tracking will be blocked by default in Firefox 63 should reduce the risk that third-party content could be compromised and used to publish malvertising. Another benefit is that this change may reduce the complexity of websites and make it easier to investigate incidents, as an investigation would only include a specific enterprise's website.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Web browser security
Related Q&A from Nick Lewis
An iPhone phishing scam leads users to believe malicious incoming calls are from Apple Support. How can enterprises protect their employee against ... Continue Reading
Is GitHub's new private repositories service robust enough to serve the needs of enterprises? Nick Lewis examines what works -- and what doesn't. Continue Reading
The Vidar malvertising attack was part of a two-pronged intrusion that included the installation of ransomware in endpoints. How can enterprises ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.