Category: Security

AdLeaks: A Whistleblower Friendly Web Technology

By | June 25, 2013 | 0 Comments

Researchers Working On A Whistleblower Friendly Web
The power of the web.

Now here’s an interesting take on leaking private data. Researchers in Germany are working on a new, ad based platform that would allow whistleblowers to share the information without compromising their positions.

And here is how it works: a web site will embed AdLeaks ad, which contains a code capable of encrypting an empty message with the AdLeaks public key and sending it back to their servers.
Continue Reading

Mozilla Asks Congress, Microsoft And Google To Stop Spying

By | June 12, 2013 | 2 Comments

Mozilla Asks Congress, Microsoft And Google To Stop Spying

Well, now you know why Google and Microsoft are so eager for you to signup when using their services and what they do with that data.

Fortunately, organizations like Mozilla, Reddit, DuckDuckGo and many more have a better idea and care about your privacy. Thanks to the recently leaked data about PRISM, these companies are asking the Congress to end NSA surveillance.
Continue Reading

Firefox Brand Used To Cover Spyware

By | May 6, 2013 | 1 Comment

Firefox Brand Used To Cover SpywareMozilla isn’t too happy about it.

According to a report by Citizen Lab, Gamma International, a UK based firm that produces surveillance software (FinFisher), is tricking people into installing their spyware on their machines, which is later masked as Firefox.exe.

As noted in the Mozilla’s blog post, “when a user examines the installed spyware on his/her machine by viewing its properties, Gamma misrepresents its program as “Firefox.exe” and includes the properties associated with Firefox along with a version number and copyright and trademark claims attributed to “Firefox and Mozilla Developers.”
Continue Reading

Google Chrome & Firefox Have More Vulnerabilities Than Flash And Java Combined

By | March 18, 2013 | 6 Comments

Google Chrome Has More Vulnerabilities Than Flash And Java CombinedTime to go back to IE?

Now here is something you won’t hear that often. Despite the common hate for Adobe’s Flash and Oracle’s Java plugins, it looks like they are not the major offenders when it comes to the actual number of vulnerabilities.

According to the latest report by security firm Secunia, Google Chrome, Firefox and iTunes are responsible for the majority of Windows security issues. As it turns out, 86% of all Windows vulnerabilities in 2012 (up from 78% last year) come from non-Microsoft applications and here is the actual list (vulnerabilities – product name):
Continue Reading

Pwn2Own 2013: All Browsers Fail

By | March 8, 2013 | 17 Comments

Pwn2Own 2013: All Browsers FailNo one cared about Safari.

With the Pwn2Own hacking contest coming to an end, it was revealed that every major web browser was hacked.

Google Chrome exploit allowed for a full breakout from its invincible sandbox resulting in a $100,000 reward, while both Firefox and Internet Explorer were exploited by a security firm VUPEN, resulting in a total of $160,000 in bounty payments ($60,000 and $100,000 respectively).

What about Safari? As it turns out, no one even pre-registered for Apple’s web browser this year despite the $75,000 prize.
Continue Reading

Firefox And Opera Are Leaking Sensitive Data

By | February 18, 2013 | 8 Comments

Firefox And Opera Are Leaking Sensitive DataNow here is an issue you haven’t heard about: as it turns out, both Firefox and Opera (to a lesser extent) are “leaking” your sensitive data, at least according to some reports.

The issue appears to be related to Speed Dial, which generates thumbnails of your favorite or most frequently visited web pages. As web browser takes a screenshot of the site, it does little to protect user’s privacy, especially when data is served over the SSL connection.
Continue Reading

Internet Explorer 10: The King Of The Web Security

By | October 31, 2012 | 14 Comments

Internet Explorer 10: The King Of The Web SecurityWhen it comes to the socially engineered malware, it looks like Microsoft’s Internet Explorer is the only web browser that manages to fight it well.

According to the latest study by NSS Labs, IE10 running on the Windows 8 protected test systems against 99.1% of all the malicious web pages, followed by Google’s Chrome 70.4% mark.

However, when it came to Firefox and Safari, the block rates were incredibly low, 4.2% and 4.3% respectively.
Continue Reading

Google Chrome Hacker Gets $60,000

By | October 12, 2012 | 1 Comment

Google Chrome Hacker Gets $60,000And a laptop.

Following the recent Pwnium 2 competition, a hacker nicknamed “Pinkie Pie”, has successfully compromised Google’s Chrome web browser and received a free Chromebook and a cash prize of $60,000.

Earlier this year, Pinkie Pie and Sergey Glazunov have also reaped a reward of $60,000, following the successful escape of everyone’s beloved sandbox.
Continue Reading

German Government: Don’t Use IE

By | September 19, 2012 | 0 Comments

German Government: Don’t Use IEThanks to a recent security vulnerability discovery, the German government’s Federal Office for Information Security, has advised users to use alternative web browsers until Microsoft fixes the issue, “a fast spreading of the code has to be feared.”, said BSI.

Meanwhile, Yunsun Wee, Microsoft’s Trustworthy Computing spokesperson, said the the software giant is working on a fix and it should be available in the next few days.

[Via: Cnet]

Poison Ivy Trojan Delivered Via Internet Explorer 7-9

By | September 18, 2012 | 1 Comment

Poison Ivy Trojan Delivered Via Internet Explorer 7-9Internet Explorer 10 is not affected.

Thanks to some clever engineering, a new attack has reportedly affected computers running IE7, IE8 and IE8 running on Windows XP, Vista and 7 machines.

According to the recent report, by utilizing Adobe’s Flash Player to conduct a “heap spray” and bypass Windows ASLR (Address Space Layout Randomization) protection, attackers have delivered “Poison Ivy” Trojan to unsuspecting victims.
Continue Reading