New & Notable
Web browser security News
August 16, 2018
The finalized TLS 1.3 update has been published after a four-year process. The new protocol promises to be faster and more secure than its predecessor, TLS 1.2.
July 13, 2018
In an effort to mitigate the risk of Spectre attacks, Google Chrome site isolation has been enabled for 99% of browser users to minimize the data that could be gleaned by an attacker.
July 09, 2018
A Firefox bug went undetected for nine years. Expert Michael Cobb explains how it enabled attackers to access the browser's master password and what's being done to mitigate it.
June 29, 2018
News roundup: Upcoming WebAssembly updates may undo the Meltdown and Spectre mitigations. Plus, FireEye denied claims it 'hacked back' China, and more.
Web browser security Get Started
Bring yourself up to speed with our introductory content
A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used to cryptographically link an entity with a public key. Continue Reading
Despite fixing important security problems, the official TLS 1.3 release date keeps getting pushed back, in part due to failures in middlebox implementations. Continue Reading
Expert Judith Myerson outlines the different types of HTTP security headers and how to add them to different servers, including Apache, Ngnix and Microsoft IIS Manager. Continue Reading
Evaluate Web browser security Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
After introducing HTTP Public Key Pinning to the internet two years ago, the upcoming Chrome will replace it with the Expect-CT header. Matt Pascucci explains the switch. Continue Reading
Google's use of HTTP Strict Transport Security aims to improve web browsing security. Expert Judith Myerson explains how HSTS can make the internet more secure. Continue Reading
Shortened URLs are weak on security and easy for attackers to inject with malware. Expert Judith Myerson discusses how long URLs are more secure, despite the inconvenience. Continue Reading
Manage Web browser security
Learn to apply best practices and optimize your operations.
Google instituted an aggressive ban on all cryptomining extensions for Chrome after cryptojacking attacks started to become more common. Learn how the ban works with Michael Cobb. Continue Reading
Researchers at Malwarebytes discovered several new browser extension threats. Discover how to avoid and properly removed malicious add-ons with expert Nick Lewis. Continue Reading
The CVE-2018-0886 vulnerability found within Microsoft's CredSSP was recently patched. Discover what this vulnerability is and how it affects the CredSSP protocol with Judith Myerson. Continue Reading
Problem Solve Web browser security Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The OurMine hacking group recently used DNS poisoning to attack WikiLeaks and take over its web address. Learn how this attack was performed from expert Nick Lewis. Continue Reading
Antivirus software is crucial to your device's security. However, less is often more, especially when considering a secondary free antivirus program. Nick Lewis explains why. Continue Reading
The Katyusha Scanner is based on the open source penetration test scanner Arachni. However, it has been modified to work through Telegram accounts. Nick Lewis explains how it works. Continue Reading