Credit to Author: Paul Ducklin| Date: Sat, 16 Apr 2022 00:33:41 +0000
The third emergency Chrome 0-day in three months – the first one was exploited by North Korea, so you might as well get this one ASAP.
Read more
Credit to Author: Paul Ducklin| Date: Tue, 15 Feb 2022 16:17:45 +0000
Zero-day buses: none for a while, then three at once. Here’s Google joining Apple and Adobe in “zero-day week”
Read more
Credit to Author: Lucas Mearian| Date: Wed, 02 Feb 2022 04:00:00 -0800
A start-up has emerged from stealth mode to announce what it describes as one of the world’s first enterprise-specific browsers, capable of governing how users interact with all SaaS and web applications.
The new Island web browser is based on the widely used Chromium open-source platform. Launched by a company with the same name, Island offers users a familiar online experience while governing what sites they can visit, the data they can view, and what files they can download or upload. Restrictions can be dialed up or down and can be specific to a user’s role in an organization.
For example, a user could be surfing the web with the standard Chrome, Edge, or Safari browsers, but if they try to access a site that’s off-limits based on the Island settings, they’d be blocked and told to use their secure browser. The Island browser can even stop an employee from taking screenshots of sensitive data, depending on the settings IT admins choose to implement.
Credit to Author: Lucas Mearian| Date: Thu, 20 Jan 2022 13:16:00 -0800
In the latest release of its Edge beta, Microsoft introduced a new way for IT admins to better secure the Chromium-based browser against web-based attacks.
The release notes for Microsoft Edge Beta Channel describe the new security features as employing several techniques to guard against so-called zero-day exploits; Zero-day exploits are software or network vulnerabilities developers are unaware of, and so they’ve not been patched.
Imagine if the keylock mechanism on your home’s backdoor was faulty and jiggling the doorknob released the latch. Burglars could walk door to door looking for that particular vulnerability and jiggle doorknobs until one opened. Zero days are the same concept, but in cyberspace.
Credit to Author: Danny Bradbury| Date: Thu, 27 Feb 2020 11:32:13 +0000
Users looking for a privacy-focused browser might want to consider Brave first, according to a study published this week.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/nYYmchFylNA” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: John E Dunn| Date: Wed, 12 Feb 2020 16:13:57 +0000
From March, the Firefox, Chrome, Safari and Edge browsers will show warnings when users visit websites that only support TLS versions 1.0 or 1.1.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/3oMQ9dp5jKA” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: John E Dunn| Date: Tue, 28 Jan 2020 10:38:31 +0000
Mozilla’s policy is unambiguous – add-ons must be self-contained and not load remote code, which opens up the user to all sorts of risks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/NvbQrtROsLI” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Danny Bradbury| Date: Wed, 09 Oct 2019 12:14:46 +0000
Microsoft fixed 59 vulnerabilities in October’s Patch Tuesday, including several critical remote code execution (RCE) flaws.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/jWWY6mMadts” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Danny Bradbury| Date: Thu, 05 Sep 2019 14:27:12 +0000
Mozilla has told developers not to fret – it won’t follow Google in tweaking its browser to be unfriendly to ad blocking software.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/m–la7sLG8k” height=”1″ width=”1″ alt=””/>
Read more
Edge Chromium can provide more protection for organizations that use older versions of Windows.