Microsoft Edge: New browser, new risks for Windows 10
Microsoft Edge, the new browser in Windows 10, represents a significant increase in the security over Internet Explorer. However, there are also new potential threat vectors …
Chrome extension thwarts user profiling based on typing behavior
The problems with passwords have already been well documented, and the main problem with static biometrics (“something you are”: fingerprints, retina patterns, …
Google Chrome update includes 43 security fixes
Google has released Chrome version 44.0.2403.89 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow an …
Google Safe Browsing to start blocking sites with ads leading to unwanted software
Ad networks that don’t vet carefully what ads they serve will be the next “victims” of Google’s Safe Browsing service.Since August 2014, Google has …
High severity Internet Explorer 11 vulnerability identified after Hacking Team breach
After analyzing the leaked data from last week’s attack on Hacking Team, Vectra researchers discovered a previously unknown high severity vulnerability in Internet …
Firefox blocks Flash plugin by default until zero-days are fixed
For the last few years, many security experts have been urging users to evaluate whether they actually need to use Adobe Flash.The platform, once practically unavoidable, now …
Researchers point out the holes in NoScript’s default whitelist
Security researchers Linus Särud and Matthew Bryant hav recently discovered some pretty big holes in NoScript, a popular Firefox plugin that prevents executable web content …
Vegan and BeEF clash shows how cyber arms race never stops
Cyber attackers and defenders are caught in a permanent to-and-fro dance, coming up with new solutions that break the last one created by their adversaries. An example of this …
Microsoft flags Ask toolbar as unwanted and dangerous
From this month on, all versions of Ask.com’s infamous browser toolbar except the very last will be detected as unwanted software by Microsoft security products and …
Bug hunting without much tech knowledge or many tools
Bas Venis has been programming since he was 14 years old. After gaining some experience as a web developer, this 18-year-old self-taught security researcher got into IT …
Future attacks: Hiding exploit code in images
Successfully hiding messages in images has already been done, but is it possible to deliver an exploit in one – and run it? Saumil Shah, founder and CEO of Net-Square, …
Address spoofing Safari bug opens door for phishing attacks
Hacker David Leo has released a PoC exploit for a Safari vulnerability that can be misused to trick users into thinking they are on one site while they are actually on another …