January 22, 2020 FTCODE Ransomware Adds Functionality for Stealing Credentials From Web Browsers, Email Clients 2 min read - Security researchers observed that FTCODE ransomware has added functionality for stealing users' credentials from web browsers and email clients.
April 9, 2019 Phishing Campaign Makes Use of SingleFile Browser Extension Tool to Obfuscate Malicious Activity 2 min read - In a recent phishing campaign, fraudsters used a legitimate browser extension tool called SingleFile to obfuscate their attacks and remain undetected.
Advanced Threats November 28, 2018 Phish or Fox? A Penetration Testing Case Study From IBM X-Force Red 7 min read - The IBM X-Force Red team recently ran into trouble on a black-box penetration testing assignment. Here's how the testers overcame the obstacles to ultimately establish a solid adversarial operation.
March 19, 2018 Websites Replace Digital Certificates as Browsers Set Deadlines to Revoke Trust 2 min read - One of the largest certificate authorities announced that the vast majority of the top 1 million websites had replaced the digital certificates major browsers plan to phase out in the coming months.
November 28, 2017 Mozilla Advances Cybersecurity Education With New Integration 2 min read - Mozilla will advance cybersecurity education by teaming up with Have I Been Pwned to notify users if they are using a site that has been recently breached.
November 7, 2017 Anonymity Gone Awry: New TorMoil Vulnerability Leaks User IPs 2 min read - A new vulnerability called TorMoil exploits a browser flaw to bypass security relays and expose real IP addresses belonging to Tor users.
July 27, 2017 What Adobe’s Decision to Phase Out Flash Player Means for Online Security 2 min read - Adobe announced that it will stop supporting its Flash Player by 2020, but the company pledged to continue offering security patches for the next few years
July 6, 2017 Mozilla Still Finds Failures in Website Security, Survey Shows 2 min read - More than 90 percent of the top 1 million websites have failed to adopt adequate website security controls to protect against XSS, MitM attacks and more.
January 25, 2017 Mozilla Issues First ‘Internet Health Report’ 2 min read - The Mozilla Foundation issued its first "Internet Health Report" to generate public awareness about current and oncoming cyberthreats.
November 21, 2016 Browsers to End SHA-1 Support in 2017 2 min read - Some of the biggest names in the web browser game — namely, Google, Microsoft and Mozilla — plan to stop accepting insecure SHA-1 certificates in 2017.