Security Alerts & News
by Tymoteusz A. Góral

History
#1319 Google Chrome, Firefox address bar spoofing vulnerability
Google security team themselves state that "We recognize that the address bar is the only reliable security indicator in modern browsers" and if the only reliable security indicator could be controlled by an attacker it could carry adverse affects, For instance potentially tricking users into supplying sensitive information to a malicious website due to the fact that it could easily lead the users to believe that they are visiting is legitimate website as the address bar points to the correct website.
In my paper "Bypassing Browser Security Policies For Fun And Profit" I have uncovered various Address Bar Spoofing techniques as well as bugs affecting modern browsers. In this blog post I would discuss about yet another "Address Bar Spoofing" vulnerability affecting Google Chrome's Omnibox. Omnibox is a customized address bar api developed for better user experience such as search suggestions, URL prediction, instant search features so on and so forth.
Read more
#1319 Google Chrome, Firefox address bar spoofing vulnerability
#1318 Sage data breach may impact hundreds of business customers
#1317 Privacy lawsuit over Gmail will move forward
#1316 Operation Ghoul: targeted attacks on industrial and engineering organizations
#1315 $2.5 million-a-year ransomware-as-a-service ring uncovered
#1314 FalseCONNECT vulnerability affects software from Apple, Microsoft, Oracle and more
#1313 Easy to carry out, difficult to fight against: Why ransomware is booming in 2016
#1312 LinkedIn sues 100 individuals for scraping user data from the site
#1311 Now data-stealing Marcher Android malware is posing as security update
#1310 VeraCrypt audit under way; email mystery cleared up
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12