Browser News, Articles and Updates

Google Chrome users targeted with 'missing font' malware scam

Hackers are at it once again, this time targeting Google Chrome users to install a fake "missing font" and then infect them with malware.

Google Chrome desktop update mends 36 vulnerabilities

Google on Thursday announced an update to its desktop version of Chrome, including security fixes of 36 vulnerabilities, 15 of which were designated high severity.

Facebook message scam delivers malicious script; parties dispute possible Locky connection

A researcher has warned of a new Facebook instant message spam campaign designed to trick recipients into downloading a malicious downloader script, which a second researcher said he observed downloading Locky ransomware.

Firefox browsers updated for security bugs

Mozilla on Tuesday released a number of security fixes affecting two of its Firefox browsers: the consumer edition, v50, and ESR 45.5, intended for enterprises which manage client desktops.

Microsoft detects 400 percent ransomware increase

Microsoft published a new report that examines ransomware developments that offers data encouraging users to upgrade to Windows 10 to prevent infection.

Google issues latest fixes for Chrome desktop version

Google on Wednesday has updated its Chrome browser desktop version to fix three vulnerabilities discovered by external researchers, including two high-severity flaws.

Google Safe Browsing cracks down on repeat offenders

Google today announced that it has revised its Safe Browsing policy that will designate certain websites as repeat offenders if they are caught multiple times engaging in malicious activity such as malware distribution and phishing.

Chrome exploit allows Svpeng trojan to bypass security measure; patch reportedly coming

Experts at Kaspersky Lab now understand how the mobile banking trojan Svpeng has been able to automatically download itself via malvertising ads while bypassing Google Chrome browser permissions.

APT group FruityArmor employs PowerShell to launch attacks, Kaspersky

An APT group has distinguished itself employing PowerShell in its coding platform used to distribute malware.

Google to start encryption shaming

Google will start shaming websites for not encrypting connections between the user and the site itself by telling users exactly when they are visiting HTTP sites

Dropbox recommending some users update account credentials

Dropbox is recommending to some users update the log in credentials for their account because a group of member emails and passwords may have been compromised.

Guidance on migration to SHA-2

Google has advised that Chrome will gradually sunset SHA-1 cryptography, which is used in the signing process of SSL certificates.

Microsoft removes Windows 8.1 Patch Tuesday update link

After some users noted issues with this month's update, Microsoft opted to remove the links while it investigates the problems further.

Google implements HTTPS signal into search engine algorithm

Websites using HTTPS will be given higher priority in searches.

Wikimedia Foundation lists removed links under 'right to be forgotten'

The nonprofit group which run Wikipedia was notified by Google of links removed from its search results.

Darknet gets its first search engine

Grams Darknet Market Search is patterned after Google and can only be accessed through the Tor browser.

Google considers boosting rankings of websites that encrypt

The head of Google's Webspam team would like to see the company reward developers for encryption in an attempt to better protect Web users.

IE exploits are the "Threat of the Month"

The "Threat of the Month" in our November issue are IE exploits.

Spear phish cracks White House computer network

Government officials have yet to confirm the identity of the attackers, though Chinese hackers are being flagged as suspects.

Blocking entry: Browsers offer prime attack vector

Web browsers have become today's de facto operating system -- the single place where end-users spend most of their time. As such, they're ground zero for attacks. Technology, though, is coming to the rescue.

Microsoft to release out-of-cycle patch for "critical" flaws

Microsoft is set to release an update to repair five flaws, including a new zero-day vulnerability.

Microsoft to release out-of-cycle patch for "critical" flaws

Microsoft is set to release an update to repair five flaws, including a new zero-day vulnerability.

IE zero-day exploit linked to Java 7 attackers

Researchers believe the Nitro crime gang, also behind Oracle's Java zero-day exploit, launched recent attacks through a vulnerability in Internet Explorer 9 and earlier versions.

Hacktivists take claim for Bank of America site disruption

Bank of America customers experienced a slowdown in website access, an issue hacktivist "cyber fighters" claimed responsibility for, along with a planned attack on the New York Stock Exchange.

Industrial crimeware sets a blistering pace

Industrialization is a key factor driving the rate at which criminals are turning to malicious software to make serious money.

Google increases rewards for bug and exploit finding

Google is raising the stakes for researchers who can show exploits and discover vulnerabilities in its Chrome browser.

Google increases rewards for bug and exploit finding

Google is raising the stakes for researchers who can show exploits and discover vulnerabilities in its Chrome browser.

Google increases rewards for bug and exploit finding

Google is raising the stakes for researchers who can show exploits and discover vulnerabilities in its Chrome browser.

Microsoft, Adobe issue security updates for more than 50 bugs

Microsoft plugged 26 vulnerabilities, and Adobe shored up 26 of its own as part of a monster Patch Tuesday. Each company is grappling with an active exploit as well.

Microsoft set to release nine patches for 10 security bugs

Microsoft is prepping fixes for 10 vulnerabilities, with researchers' expecting the highest-priority fixes to involve issues in Internet Explorer and Exchange.