A recent collaborative study between Google, the Swiss Federal Institute of Technology, and IBM offers new insight into how many people surfing the web are doing so safely. According to the report, a clear majority of users (some 59 percent) are using the latest version of their preferred Internet browser—but that still leaves 40.1 percent [...]
Filed under: Exploits, General Security, Vulnerabilities | Leave a Comment »
What would the perfect phishing attack from a social engineering perspective? The one that compared to using typosquatted domains impersonating the bank’s web application directory structure is in fact using the bank’s legitimate domain names as redirectors due to XSS flaws within. It’s even more interesting to measure the average time it takes for a [...]
Filed under: Exploits, General Security, Hacking, Vulnerabilities | Leave a Comment »
My colleague at Kaspersky Lab Roel Schouwenberg (see disclosure) has discovered a drive-by malware download taking advantage of what Microsoft describes as an Internet Explorer “feature” to launch cross-site scripting attacks.
The attack, discovered at a compromised legitimate site, is using a modified GIF file to exploit the cross-site scripting feature/vulnerability. [Read More...]
Source: Zdnet
Filed under: Exploits, General Security, Vulnerabilities | Tagged: Exploits, Security, Vulnerabilities | Leave a Comment »
