Category: Security

Web Browsers Protection against Socially Engineered Malware

By | March 26, 2009 | 14 Comments

Now this is something new. According to NSSLabs, over 50% of malware infections occur via internet download. In the recent study they have tested 6 most popular web browsers to see how well they protect surfer against web based malware.

Effectiveness results (more is better)

Internet Explorer 8 (RC1) – 69%
Firefox 3.07 – 30% Continue Reading

Pwn2Own: Hacker Exploits IE8, Firefox, Safari

By | March 19, 2009 | 8 Comments

From ZDNet

“He won a cash prize and got to keep the hardware. Details of the vulnerability, which was described by contest sponsor TippingPoint ZDI as a “brilliant IE8 bug!” are being kept under wraps.

“Nils” also scored a clean hit against Apple’s Safari (he was the second hacker to exploit Safari) and, later in the afternoon, he exploited a Firefox zero-day flaw to claim the trifecta.”

In case you are interested, Mac was hacked in 10 seconds.

Nothing about Opera or Chrome yet.

[digg-reddit-me]

eBay Scammers Work Unpatched Vulns in Firefox, IE

By | March 10, 2009 | 0 Comments

From TheRegister:

“eBay scammers have been exploiting unpatched vulnerabilities in the Firefox and Internet Explorer browsers to deliver counterfeit pages that try to dupe people surfing the online auction house to bid on fraudulent listings.”

Continue reading at The Register

Firefox – Buggier but Fixes Issues Faster

By | March 9, 2009 | 7 Comments

During 2008 Firefox reported 115 flaws. That’s more than Safari (32), Opera (30) and Internet Explorer (31) combined. However, Firefox fixes the issues way faster than any other company.

The research was made by Secunia. (see pdf)

Via  news.cnet.com

[digg-reddit-me]

Hack Web Browser, 2009

By | February 22, 2009 | 1 Comment

A new Pwn2Own hack contest which should begin in the middle of the March 2009 is set to test Internet Explorer 8, Firefox, Safari and Opera web browsers running on Windows 7 Beta or RC.

Unlike previous year competition, where “white hackers” tried to hack computer operating systems (Mac OS was hacked first), this year it will focus on web browsers and mobile operating systems (Android, iPhone, Symbian, Windows Mobile, RIM).

More details should be announced within the upcoming weeks.

Event home page

[digg-reddit-me]

How Secure Is Internet Explorer, Firefox, Safari, Google Chrome and Opera?

By | January 30, 2009 | 3 Comments

Infoworld inspected all the major web browsers and got some really interesting points to say about each of them.

Here are conclusions for each of the web browsers (also, links to full articles):

How Secure is Internet Explorer?
IE has no peer in enterprise deployment features. Using the Internet Explorer 8 Deployment Guide, administrators can deploy and configure more than 1,300 IE-related settings via Active Directory Group Policy or the Internet Explorer Administration Kit. It is the only browser in the review to support Kerberos authentication over the Web. Continue Reading

New Apple Safari Vulnerability Discovered

By | January 13, 2009 | 3 Comments

Guy Brian has discovered a new Safari vulnerability which affects Mac OS X 10.5 (Leopard) users who haven’t changed default feed reader preferences.

This vulnerability allows phishing sites to silently read all the user data from hard drive without him knowing that.

There is however a workaround for Safari users on Windows OS. Continue Reading

Weekly Browsers Recap, January 11th

By | January 12, 2009 | 0 Comments

Internet Explorer

Firefox

Google Chrome Continue Reading

Weekly Browsers Recap, January 4th

By | January 4, 2009 | 0 Comments

Web Browsers Security Handbook

By | January 3, 2009 | 2 Comments

Now here is something quite informative. Browser Security Handbook published by Google.

As Google explains, the document is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers.

The following browsers are included: Continue Reading