Blog Posts Tagged with "Browser Security"
Bad Piggies, Graffiti and the IRT
December 21, 2012 Added by:Fergal Glynn
Chrome users have almost no way of evaluating the trustworthiness of Chrome extension publishers because Google doesn’t have any reputation ranking system, nor does it review applications and extensions before they’re published...
Comments (0)
Java in the Cross-Hairs of Enterprise Security
September 26, 2012 Added by:Rafal Los
Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...
Comments (0)
How to Activate 'Do Not Track' in Your Browsers
June 21, 2012 Added by:Electronic Frontier Foundation
Do Not Track combines both technology (a signal transmitted from a user) as well as a policy framework for how companies that receive the signal should respond. The following tutorial walks you through the enabling Do Not Track in the four most popular browsers: Safari, Internet Explorer 9, Firefox, and Chrome...
Comments (0)
Cookies: Should We Really Like Them?
June 01, 2012 Added by:Ahmed Saleh
You should acknowledge that Cookies are widely used and can't really be avoided. If you wish to enjoy your internet surfing experience by navigating to “cookie creating websites” you should have a clear understanding of how cookies operate, and how to protect them from being abused...
Comments (0)
Twitter Commits to Respecting Do Not Track with New Policy
May 21, 2012 Added by:Electronic Frontier Foundation
This doesn’t mean Twitter will stop collecting all data on you. They’ll still be able to collect aggregate data about your browsing habits for analytics and security, but they won’t set a cookie and they won’t use data to suggest users to you or for tailoring your Twitter experience...
Comments (0)
Cyber Self Defense For Non-Geeks
March 28, 2012 Added by:Jeffrey Carr
These principles won’t be sufficient when you’re in high-risk locales and they won’t stop a targeted attack, but they will make it less likely that you’ll suffer a serious breach because of poor security habits or over-reliance on antivirus or firewall applications...
Comments (0)
IC3: Browser Bot Infection and HTML Attachment Malware
March 28, 2012 Added by:Headlines
The open source browser can now function like a bot and accept commands. It can process the content of the current page where it is located, redirect the user, halt the loading of particular pages, steal passwords, run executables, and even kill itself...
Comments (0)
Malicious Exploits: Hitting the Internet Waves with CSRF Part 2
March 27, 2012 Added by:Brent Huston
Using the HTTP specified usage for GET and POST, in which GET requests never have a permanent effect, while good practice is not sufficient to prevent CSRF. Attackers can write JavaScript or ActionScript that invisibly submits a POST from to the target domain...
Comments (0)
Can DNS Attacks Threaten the Internet on a Large Scale?
March 27, 2012 Added by:Alan Woodward
This attack is theoretically possible because the DNS is a hierarchy. At the top level are 13 servers. Disrupt them and you could disrupt the entire DNS network. Authorities know this and they put a lot of effort into ensuring that the DNS network can cope with a DOS attack...
Comments (3)
Mozilla's Boot to Gecko: Do Not Track on a Mobile OS
March 20, 2012 Added by:Electronic Frontier Foundation
There is ample evidence mobile applications are exceeding the privacy expectations of users. The first implementation of Do Not Track on a mobile OS is a big step toward ensuring users have a meaningful choice when it comes to digital tracking...
Comments (0)
Fake YouTube Site Targets Activists with Malware
March 17, 2012 Added by:Electronic Frontier Foundation
The fake YouTube page attacks users in two ways: it requires you to enter your YouTube login credentials in order to leave comments, and it installs malware disguised as an Adobe Flash Player update. To see if you have been infected, look for the following files...
Comments (0)
Malicious Exploits: Hitting the Internet Waves with CSRF
March 13, 2012 Added by:Brent Huston
DHS ranks the CSRF vulnerability as the 909th most dangerous software bug, more dangerous than most buffer overflows. CSRF vulnerabilities can result in remote code execution with root privileges or compromise root certificates, completely undermining a public key infrastructure...
Comments (0)
HTTPS and Tor: Working to Protect Your Security Online
March 09, 2012 Added by:Electronic Frontier Foundation
EFF frequently recommends that Internet users who are concerned about protecting their anonymity and security online use HTTPS Everywhere, which encrypts your communications with many websites, in conjunction with Tor, which helps to protect your anonymity online...
Comments (0)
The Need for Advancements in Browser Based Security
March 08, 2012 Added by:Headlines
"Data protection is fast becoming a product and service differentiator. It is incumbent on business leaders to take a holistic view of these issues and understand how they are undermining consumer trust. Now is the time for businesses to make data protection a priority..."
Comments (0)
Google Releases Vulnerability Fixes with Chrome 17.0.963.65
March 05, 2012 Added by:Headlines
Google has released Chrome 17.0.963.65 for Windows, Macintosh, Linux and Google Chrome Frame which provides fixes for multiple vulnerabilities identified may have allowed for denial-of-service (DoS) attacks or the execution of malicious arbitrary code...
Comments (0)
OTA Advocates Always On SSL
March 05, 2012 Added by:Headlines
Online Trust Alliance (OTA) is calling on the security, business and interactive advertising communities to adopt Always On SSL (AOSSL), the approach of using SSL/TLS across your entire website to protect users with persistent security, from arrival to login to logout...
Comments (0)
- Verizon 2014 DBIR: Hide Your Servers and Call the Cops
- 2014 SecurityWeek Golf Classic to Take Place May 22 at Half Moon Bay
- 6 Minutes That Can Change Your Security Start-up's Life
- NIST Abandons Cryptography Algorithm in Wake of NSA Backdoor Concerns
- Let’s Get Proactive with End User Security
- Verizon Publishes Vastly Expanded Data Breach Investigations Report (DBIR)
- Interview with Chris Petersen, LogRhythm co-founder
- Detecting OpenSSL-Heartbleed with Nmap & Exploiting with Metasploit
- Understanding What Constitutes Your Attack Surface
- Mocana Calls Heartbleed a “Wake-Up Call” for Makers of Smart Connected Devices