SEO poisoning is on the rise again. How do threat actors use search engine results to drive victims to malicious sites, and what can users do to protect themselves?
Researchers discovered a large tech support scam operation called Partnerstroka that preyed on unsuspecting users with an innovative browser locking technique.
According to a recent insider threat report, 60 percent of risk assessments identified users who tried to bypass their employer's security measures using private or anonymous browsing.
HTTP response headers aim to help protect web applications from cross-site scripting (XSS), man-in-the-middle (MitM) attacks, clickjacking, cross-site request forgery and other threat vectors.
One of the largest certificate authorities announced that the vast majority of the top 1 million websites had replaced the digital certificates major browsers plan to phase out in the coming months.
Researchers from MIT and Harvard University developed a system to enforce private browsing protections without any help from the user's web browser.
Cybercriminals altered Texthelp's Browsealoud web screen reader to install a cryptocurrency miner on many high-profile websites, including government sites in the U.S. and U.K.
Malicious actors are now turning the tables on encryption and leveraging SSL connections to create new cybersecurity threats that subvert detection tools.
Researchers are warning that web tracking firms can abuse password mechanisms to steal usernames and email addresses, increasing the risk of cybersecurity breaches.
The beta version of Opera 50 is the first major browser to offer a built-in mechanism that blocks cryptojacking, a new form of malware that leverages a victim's CPU to mine cryptocurrency.