Chrome to dynamically point out “Not secure” HTTP sites
Google expects HTTPS to become the default, and is preparing users for it by slowly moving Chrome towards showing only negative security indicators. Google’s own numbers …
browser
FIDO2: Authenticate easily with phishing-resistant security
The FIDO Alliance and the World Wide Web Consortium (W3C) have achieved a standards milestone in the global effort to bring simpler yet stronger web authentication to users …
Google to purge cryptomining extensions from Chrome Web Store
In a bid to prevent Chrome users’ computers being covertly used for cryptocurrency mining, Google will try to purge the Chrome Web Store of extensions that hijack …
Firefox news: Fresh releases, Firefox Quantum for Enterprise, privacy protections
Firefox 59 (for desktop and mobile) and Firefox ESR 52.7 have been released to the public. Privacy enhancements and security fixes The former sports some performance …
Criminals can build Web dossiers with data collected by browsers
Everybody knows by now that websites collect information about users’ location, visited pages, and other data that can help them improve or monetize the experience. But …
Private browsing is not that private, but it can be
Private, “Incognito mode” browsing sessions are not as foolproof as most users believe them to be. “After a private session terminates, the browser is …
Browser makers move to mitigate risk of Spectre browser attacks
Apple has confirmed that it has already pushed out security updates for iOS, macOS and tvOS that mitigate the danger of users being affected by Meltdown attacks. (watchOS did …
Ad targeters exploit browsers’ password managers to track users online
Ad targeters are exploiting browsers’ built-in login managers to covertly collect hashes of users’ email addresses, to be used to track them across the web. …
Why phishers love HTTPS
As more and more sites switch to HTTPS, the number of phishing sites hosted on HTTPS domains is also increasing. “In the third quarter of 2017, we observed nearly a …
The key to success with prevention strategies like remote browser isolation
It is tempting as a security practitioner to think you can prevent every attack. Especially in a people-strapped industry, why wouldn’t you want to? If we could just use …
