A web browser (commonly referred to as a browser) is a software program used for accessing information on the Internet. The most common browsers include Google Chrome, Mozilla Firefox, Opera, Microsoft Internet Explorer, and Safari.
Browser security is quite of importance as browsers are popular targets for hackers; they can exploit the vulnerabilities within a browser and utilize browsers to breach data, drop malware, or carry out other malicious activities.
The Internet we know is just a fraction of what’s out there in the cyberspace. People often confuse the surface web, deep web and dark web, especially in connection with cybercrime and where that comes from. The deep web and the dark web are two distinctly different things. The dark web is merely dark because of its…
Apple has rewarded a security researcher $75,000 bug bounty after he discovered a massive iOS and macOS camera vulnerability; the flaw would allow attackers to hijack the camera and microphone on any iPhone or Mac computer. Ryan Pickren, an ethical hacker, disclosed seven vulnerabilities in Apple’s Safari browser; three of which could have been exploited…
Mozilla patched two critical zero-days in Firefox 74.0.1. The vulnerabilities were exploited in the wild through targeted attacks. Mozilla is now urging users to update their Firefox browsers to fix the two bugs. The two vulnerabilities, tracked as CVE-2020-6819 and CVE-2020-6820, are both use-after-free. Use-after-free flaws are a type of memory corruption that could lead…
Apple on Tuesday released Safari 13.1 and updated the Intelligent Tracking Prevention (ITP) privacy feature. Intelligent Tracking Prevention allows Safari to block cookies and prevent advertisers from snooping on users’ web habits. According to Apple WebKit engineer John Wilander, Safari now blocks all third-party cookies. (WebKit is the browser engine that powers Safari.) That means that…
Google issued a Chrome update to address three security holes. The Chrome 80 update (version 80.0.3987.122) included a patch for a zero-day vulnerability (CVE-2020-6418) that has been actively exploited in the wild. The CVE-2020-6418 vulnerability is a type of confusion issue and has a severity rating of high that affects the V8 open-source JavaScript engine…
Google found over 500 chrome extensions they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions have been downloaded millions of times from Google’s Chrome Web Store secretly uploaded private browsing data to attacker-controlled servers. Browser extensions are used for customizing web browsers, modifying…
As reported earlier an unpatched zero-day vulnerability exists in Internet Explorer that is being exploited in targeted attacks. Microsoft still hasn’t released a patch for the vulnerability dubbed as CVE-2020-0674. Although Microsoft suggested mitigation steps, there are a few problems that are left unsolved. Windows Media Player, Microsoft print to PDF, and local USB printers are all…
The FTCode ransomware has been upgraded to steal saved user credentials from browsers and email services. Its targets are Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome, and Microsoft Outlook. FTCode is believed to be the handiwork of Russian threat groups. Sophos first discovered the malware in 2013, and it reappeared in October 2019 as…
Microsoft published a security advisory warning of an Internet Explorer (IE) zero-day vulnerability. The vulnerability, tracked as CVE-2020-0674 and rated moderated, is currently being exploited in the wild. The company described these as “limited targeted attacks” suggesting the zero-day was not broadly exploited, but rather that it was part of attacks aimed at a small…
Mozilla has warned Firefox users to update their browsers to the latest version due to a critical vulnerability actively being exploited in the wild. The update is to address a critical zero-day vulnerability that has been abused for targeted attacks. Mozilla claims that they are aware of targeted attacks in the wild that were abusing…