News
Web Browser Security
- November 07, 2019
07 Nov'19
SSL certificate abuse drives growing number of phishing attacks
Phishing attacks against the United Nations and humanitarian organizations show how threat actors are weaponizing valid SSL certificates and how hard it is to stop the abuse.
- November 06, 2019
06 Nov'19
Firefox bug is enabling attackers to freeze out users
A recently reported bug in Firefox allows spammed authentication dialogs to lock users out of their browsers and it is under attack in the wild, despite previous efforts to patch.
- September 20, 2019
20 Sep'19
Sinkholed Magecart domains resurrected for advertising schemes
Security vendor RiskIQ discovered several old Magecart domains that had been sinkholed were re-registered under new owners and are now engaged in fraudulent advertising activity.
-
- July 17, 2019
17 Jul'19
E-commerce platforms used for domain spoofing against Best Buy
Despite efforts to flag spoofed domains imitating Best Buy, the sites are still active on e-commerce platforms like Shopify and GearLaunch, which have not taken them down.
- April 30, 2019
30 Apr'19
Inside 'Master134': Propeller Ads connected to malvertising campaign
A SearchSecurity investigation determined ad network Propeller Ads played a significant role in the early stages of the Master134 malvertising campaign.
- April 30, 2019
30 Apr'19
Inside 'Master134': ExoClick tied to previous malvertising campaigns
Online ad network ExoClick denied any involvement in the Master134 campaign, but the company has ties to similar malvertising threats.
- April 30, 2019
30 Apr'19
'Master134' malvertising campaign raises questions for online ad firms
Malvertising and adware schemes are a growing concern for enterprises. Our deep investigation into one campaign reveals just how complicated threats can be to stop.
- April 30, 2019
30 Apr'19
Inside the 'Master134' malvertising campaign
This six-part series examines the unique malvertising campaign known as Master134 and the role that various digital advertising networks played in the threat.
- April 30, 2019
30 Apr'19
Inside 'Master134': Adsterra's history shows red flags, abuses
Adsterra denied it was involved in the Master134 malvertising campaign, but a review of the company's history reveals many red flags, including activity in a similar campaign.
- April 30, 2019
30 Apr'19
Inside 'Master134': More ad networks tied to malvertising campaign
Check Point's report on the Master134 malvertising campaign implicated five ad networks, but a SearchSecurity investigation revealed more companies were involved.
-
- April 30, 2019
30 Apr'19
Inside 'Master134': Ad networks' 'blind eye' threatens enterprises
Online ad networks linked to the Master134 malvertising campaign and other malicious activity often evade serious fallout and continue to operate unabated.
- February 01, 2019
01 Feb'19
Google planning warnings for lookalike URLs in Chrome
Google is planning to add warnings on lookalike URLs in an ongoing effort to ensure internet users experience useful and clear warnings while using the Chrome browser.
- December 21, 2018
21 Dec'18
Microsoft patches Internet Explorer zero-day bug under attack
News roundup: Microsoft issues an emergency patch for an Internet Explorer bug exploited in the wild. Plus, authorities indict three individuals for 'stresser' services, and more.
- October 12, 2018
12 Oct'18
Mozilla delays distrust of Symantec TLS certificates, Google doesn't
Mozilla delays plans to distrust Symantec TLS certificates in Firefox because despite more than one year's notice, approximately 13,000 websites still use the insecure certificates.
- September 26, 2018
26 Sep'18
Controversial Chrome login feature to be partially rolled back
Google will modify the next version of Chrome in an attempt to appease critics of the browser's cookie retention functionality and automatic Chrome login feature.