Online Safety

Online safety

Like routers, most USB modems also vulnerable to drive-by hacking

Attackers can hijack DNS settings by exploiting vulnerabilities in the Web-based management interfaces of 3G/4G USB modems

E-paper display gives payment cards a changing security code

The technology, from Oberthur Technologies, will be tested by two banks in France


URL-spoofing bug in Safari could enable phishing attacks

A researcher developed code that can trick Safari into showing a different URL in its address bar than the one currently loaded

Anonymous-tied DDoS botnet shows insecure routers are legion

Researchers found a botnet of over 40,000 routers that are being used to launch distributed denial-of-service attacks

Visitors to top porn sites hit by malvertising attack

A malicious advertisement posted through an ad network tried contained a Flash Player exploit

Researchers play cat and mouse with Google's anti-phishing Chrome extension

Security researchers found nine different ways to defeat Google's Password Alert extension for Chrome

After Google, Microsoft also cracks down on misleading advertisements

Internet Explorer will start showing warnings for ads that lead users to harmful websites and software

Wi-Fi client vulnerability could expose Android, Linux, BSD, other systems to attacks

A flaw in the widely used wpa_supplicant wireless client can lead remote code execution

Crypto gurus: The government's key escrow plan won't work

World renowned cryptographers highlighted various reasons why creating a master decryption key for the government to use is not practical

HTTPS snooping flaw in third-party library affected 1,000 iOS apps with millions of users

The flaw in the AFNetworking library broke HTTPS certificate validation, enabling man-in-the-middle attacks

Google's push to encrypt ads will improve security, but won't kill malvertising

The move might encourage more websites to deploy HTTPS

Islamist hackers take French broadcaster TV5Monde off air

The attack disrupted the network's broadcasting for hours and also affected its websites and social media accounts

Large-scale Google malvertising campaign hits users with exploits

A Google ad reseller in Bulgaria was potentially compromised

Like Google, Mozilla set to punish Chinese agency for certificate debacle

The organization's current proposal is to reject future CNNIC-issued certificates, but to trust existing ones

Over 100,000 devices can be used to amplify DDoS attacks via multicast DNS

Some implementations of the multicast DNS protocol are configured to accept queries from the Internet, which is a risky behavior

chrome logo

Google cracks down on ad-injecting Chrome extensions

But the rogue advertising problem extends way beyond browser add-ons.

British Airways notifies frequent flyers of possible breach of their accounts

Many users had their reward points removed from their accounts as a precaution

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions for issuer

Microsoft revoked trust in an intermediate CA certificate that was used to issue unauthorized certificates for Google websites

Flash-based vulnerability lingers on many websites three years later

A large number of developers have failed to patch their Flash applications against a vulnerability that can be exploited to target Web users

All major browsers hacked at Pwn2Own contest

Adobe Reader and Flash Player fell as well

Load More