Category: Security

Google Goes Mental: Increases Chrome Rewards To $20,000

By | April 24, 2012 | 7 Comments

Google Goes Mental: Increases Chrome Rewards To $20,000

If previous cash rewards were not enough to encourage you to start sniffing the code, then we have some good news.
Continue Reading

Firefox Blocks Old Java Plugins

By | April 5, 2012 | 4 Comments

Firefox Blocks Old Java PluginsGood news for Firefox users, thanks to the never ending Java vulnerability spree, Mozilla has decided to protect its users and from now on will block Java plugins with a Version 6 Update 30 and below as well as Version 7 Update 2 and below.

According to the official blog post, the February update for the Java Development Kit fixes a critical vulnerability, which prevents hackers from running exploit on user computer.

However, for those who want even more security, here is a simple tip: uninstall Java.

IE9 Hacked, Chrome Pwned (Again)

By | March 12, 2012 | 11 Comments

IE9 Hacked, Chrome Pwned Again

Security flaws everywhere.

After Google Chrome has been hacked twice, Microsoft’s Internet Explorer 9 was the second browser to fail the security challenge.

By exploiting two unknown vulnerabilities, Vupen Security was able to remotely open a calculator running on a Windows 7 SP1 machine. While no additional details were revealed, both IE and Google Chrome exploits were a combination of at least a couple of previously unknown flaws.
Continue Reading

Google Chrome Pwn2Own Vulnerability Patched

By | March 9, 2012 | 2 Comments
Google Chrome Pwn2Own Vulnerability Patched

From left to right Jim Hebert, Cris Necker, Justin Schuh

Just 24 hours after reporting the critical vulnerability in Google’s Chrome web browser, the search giant has already released a patch to address the issue.

Identified as a bug CVE-2011-3046, discovered vulnerability is described as “UXSS and bad history navigation”, with no additional details revealed.
Continue Reading

Hackers Rejoice, Google Chrome Fails Twice

By | March 8, 2012 | 13 Comments

Hackers Rejoice, Google Chrome Fails TwiceSecurity contests prove to be useful.

Just as some might have thought that Google’s Chrome sandboxing feature is bullet proof, Sergey Glazunov, a security researcher who have found quite a few vulnerabilities in the fast, has enriched his life with a $60k reward, received for a “Full Chrome” exploit, which bypassed the sandbox feature. Although Google Chrome was previously known to withstand various attacks in Pwn2Own and similar contests, this time it was the first to fail.

Justin Schuh, Chrome’s security team member said, “It was an impressive exploit. It required a deep understanding of how Chrome works. This is not a trivial thing to do. It’s a very difficult and that’s why we’re paying $60,000.”
Continue Reading

Google Will Pay Up To $1 Million To The Google Chrome Hackers

By | March 2, 2012 | 4 Comments

Google Will Pay Up To $1 Million To The Google Chrome HackersThe keyword here is “up to”.

As if the Pwn2Own contest was not enough, Google will be holding its own competition at the CanSecWest security conference.

Called Pwnium, contest attendees will be asked to exploit the Google Chrome web browser and in return, will be rewarded as follows:
Continue Reading

Google Chrome Will Support Do Not Track

By | February 29, 2012 | 3 Comments

Google Chrome Will Support Do Not TrackWith all the privacy and tracking talks going on, it looks like Google will finally be joining the ranks of other web browsers who support Do Not Track feature.

Introduced years ago, Do Not Track allows users to opt out of tracking by advertising, social and other web sites that enjoy such data.

However, it’s not coming anytime soon, according to the report, Google Chrome is likely to introduce Do Not Track feature by the end of this year, which is 8-10 months away.
Continue Reading

Android, iOS, BlackBerry Affected By A Serious WebKit Vulnerability

By | February 29, 2012 | 4 Comments

Android, iOS, BlackBerry Affected By A Serious WebKit VulnerabilityWebKit, a rendering engine used by a variety of mobile web browsers, including Google Chrome and Safari, appears to have a very serious flaw, which allows attackers to take a complete control over your smartphone.

According to George Kurtz, the former CTO of McAffee, who have co-founded a new security startup CrowdStrike and discovered the vulnerability, this means that pretty much every smartphone and tablet has this flaw. He has also confirmed that Windows Phone users were not affected.

No further details were revealed.

[Via Zunited]

Industry Proposes DRM Like HTML5 Encryption

By | February 24, 2012 | 14 Comments

Industry Proposes DRM Like HTML5 Encryption

People freak out.

Just a few days ago, everyone was a huge fan of the HTML5. Now, it looks like at least a small amount of fans are freaking out over the industry’s DRM like protection proposal.

However, what they fail to realize is the fact that this is a necessary step, which would somewhat protect content providers, who actually spend money to produce such thing.
Continue Reading

Microsoft: Google Bypasses Internet Explorer’s Security As Well

By | February 21, 2012 | 11 Comments

Microsoft: Google Bypasses Internet Explorer's Security As WellEverybody panic!

Just few days ago, Google has been accused of using a loophole in Apple’s Safari web browser, which allowed the search giant to track users by storing unwanted cookies.

Well, today Microsoft has published a report, stating that Google bypassed Internet Explorer’s privacy settings as well.
Continue Reading