Web Browser Security
- July 18, 2011
Independent testing firm NSS Labs found that Internet Explorer 8 and 9 have better social engineering blocking technology, exceeding the Chrome, Firefox or Safari browsers.
- March 23, 2011
A breach at a registration authority caused Comodo to issue nine fraudulent certificates, enabling an attacker to impersonate some major websites and servers.
- January 28, 2011
Proof-of-concept code has surfaced enabling attackers to target the vulnerability. All versions of Windows are vulnerable.
- January 24, 2011
The proposal, which transmits a special HTTP header to websites, may be supported in future versions of Firefox, but in order for it to fully work, websites must also support the feature.
- January 18, 2011
Adobe Systems, Google, Microsoft and others are deploying applications that use sandboxing technology to defend against potential attacks, but savvy hackers know how to bypass it.
- January 14, 2011
Engineers at Adobe Systems Inc. are working on a redesign of the Flash Player Settings Manager to incorporate features requested by users and privacy advocates.
- January 04, 2011
Security researcher Michal Zalewski said his new cross_fuzz has helped identify about 100 bugs in prominent browsers that include Internet Explorer, Firefox and Opera.
- December 23, 2010
A new Microsoft advisory warns about the Internet Explorer zero-day and urges customers to use the Enhanced Mitigation Experience Toolkit to mitigate the flaw.
- December 22, 2010
The Metasploit Framework contains exploit code that targets a recently uncovered zero-day vulnerability in Internet Explorer.
- December 09, 2010
The software giant's last batch of scheduled fixes for 2010 is a "doozy" that will address critical remote code-execution flaws in Windows and IE.
- October 27, 2010
A member of Google's antimalware team revealed how the search engine giant combs billions of webpages for hidden malware downloads.
- September 08, 2010
Cybercriminals are dumping the traditional email phishing campaigns for social networks, where it's easier to social engineer attacks and gain trust of users.
- September 07, 2010
A flaw in Internet Explorer 8 can enable an attacker to steal data or force the victim to post to Twitter or other social networks.
- August 25, 2010
The popular browser component had 20 holes, 18 considered critical, enabling an attacker to execute code remotely, gain access to files and take control of a victim's computer.
- July 30, 2010
Announced at this week's Black Hat Briefings, root servers and Internet domains have now been signed with DNSSEC.