Now here is a clever one.
As Mozilla Firefox creative lead Aza Raskin describes it, the attack is as elegant as it is simple: A user has multiple tabs open, and surfs to a site that uses special javacript code to silently alter the contents of a tabbed page along with the information displayed on the tab itself, so that when the user switches back to that tab it appears to be the login page for a site the user normally visits.
Even with NoScript plugin installed, users were still vulnerable. Fortunately, May 27th update fixes that.
- Internet Explorer History Monitor
- Install Firefox add-on without restarting, now in nightly builds
- Mozilla Plugin Check for All Browsers
- The Book of Mozilla
- Use Google Chrome to Drag Images into e-mails
- Verizon’s Tablet Bet Is on Google Chrome
- Why the Opera web browser is anti-Flash
- Opera’s Secrets Unlocked: 16 Tips and Tricks
- Apple Safari Browser Hit By Zero-day Vulnerability
- Is Your Browser HTML5 and CSS3 Ready?
- Android Browser Roundup
Thanks to Android, Ichann, Nox and Tiago Sá for links.
- Microsoft publishes its latest Security Intelligence Report, Vol. 8
- IE9 Platform Preview 2: more of the same, but a bit faster
- Firefox: How to Duplicate a Tab
- Mozilla to Detail Next Version of Firefox
- Updated Firefox 3.6.4 beta available for download and testing
- Google Buys BumpTop, A 3D User Interface For Chrome OS & Android?
- Opera Joins Flash Debate: “You Can Cook an Egg” While It’s Running
- How to change action for file types in Opera
- Unpatched drive-by download flaw in Apple Safari browser
- “Silent” update of Opera Mini 5
- FastMail.FM FAQ
Thanks to mabdul and RamaSubbu SK for links.
- IE9 Will Change the Web Forever
- IE8 has blocked over 560 million malware sites: how many were legit?
- Firefox.next Alpha 4 is both: performance and looks
- Multi-process Firefox Lorentz beta now available for download
- Mozilla Hackability: Firefox Nintendo Wiimote driver
- Destroy The Web (add-on)
- Optimized Firefox: Pale Moon
- Simplifying Web Browsing? Google Chrome Drops URL Prefix
- Google to Open-source VP8 for HTML5 Video
- Comodo Dragon: A Chromium Browser With Extra Armor
- Opera Mini 5 Settings
- How WebKit Loads a Web Page
- Adobe CEO: Flash coming to Android, WebOS and BlackBerry ‘smartphones and tablets’ in 2H 2010
- Important Java plugin update now available
- Funny fact about browser randomization
- HTML5 audio visualizations
- More Web Inspector Updates
Thanks to Blake Sening, mabdul, Nox and Rohan Gharia for links.
As first day at Pwn2Own hacking contest nears its end, web browser results are in.
Just like last year, Apple’s Safari 4 on Snow Leopard 10.6 was hacked first, as Charlie Miller set up a remove exploit.
Back in January, German government urged users to start using Firefox instead of Internet Explorer.
Well, due to security vulnerabilities (that were fixed in Firefox 3.6.2), they asked users to stop using Firefox as well, at least until patch is released.
So here you have it: start using Firefox, then stop, and now… Start using it again…
Thanks to Daniel Hendrycks and Ichann for the news tip.
- Microsoft Winning Fans Early with Internet Explorer 9 Preview
- Windows Phone 7 browser is based on Internet Explorer 7
- IE8, iPhone will fall first day of hacking contest, predicts organizer
- Firefox 3.0 reaching end of the line
- Clear Firefox’s History for a Single Site
- Chrome Tip: Always restoring tabs
- Google Launches 3D Graphics Driver Project for Chrome
- Opera expands widget offering to all mobile phones
- Opera’s AdMarvel Partners With PointRoll For iPad Advertising Platform
- Analyst Uncovers 20 Security-related Flaws in Safari
- Amazon’s Kindle may get a proper web browser
- Next-gen Web TV apps focus on the browser
- Camino 1.6.11 Released
Thanks to Daniel Hendrycks for links.
- IE tag – Take Two
- Documenting Standards in IE
- Microsoft investigating new Internet Explorer vulnerability in Windows XP
- Microsoft plays dirty against other browsers in Russia
- Firefox Mobile Browser Fennec Spotted on Android
- External Text Editing in Firefox
- The Downfall of Personas
- Coming Soon To Chrome: Extensions That Can Alter Your Browsing History
- Google Chrome Tip: Recovering closed tabs
- Zero-days flaws surface in Apple Safari
- Opera Mini Server Upgrade to 4.16.916
- Browser history hijack + social networks = lost anonymity
- Camino 2.0.2 Released
Thanks to mabdul and Nox for links.
In the upcoming Pwn2Own contest, hackers will be trying to “pwn” Microsoft Internet Explorer, Mozilla Firefox, Google Chrome and Apple Safari web browsers. Competition will be active for three days, with a total cash prize pool of $40 000, where each target is worth $10 000.
Contestants will be trying to exploit:
Microsoft Internet Explorer 8 on Windows 7 Continue Reading
- UK government pledges support for MS Internet Explorer
- Browser Speed Tests: Firefox 3.6, Chrome 4, Opera 10.5, and Extensions
- The Snoopy Google Toolbar
- Enable the Tab Preview Menu Button in Firefox 3.6
- Firefox: People in Germany Are Switching Browsers
- No matter what Apple says, you can’t get a rich web experience without Flash
- How to shorten URLs directly in Opera
- Opera Mini Server Upgrade to 4.15.2444
- Clickjacking problem in browsers persists
- Weave 1.0 now available for download
Thansk to Gala and mabdul for links.