web
Web Vulnerability Submissions Exploded in 2023
There was an alarming surge of user-submitted web vulnerability submissions in 2023—with a 30% increase compared to 2022—as open-scoped bug bounty programs evolved ...
Security Boulevard
Calling Home, Get Your Callbacks Through RBI
Authored By: Lance B. Cain and Alexander DeMine. Overview: Remote Browser Isolation (RBI) is a security technology which has been gaining popularity for large businesses securing their enterprise networks in recent years. This blog ...
DNSSEC: The Secret Weapon Against DNS Attacks
The domain name system (DNS) is known as the phone book of the internet, quickly connecting users from their devices to their desired content. But what appears to most users as seamless ...
Security Boulevard
The Exploitations of Password Managers, Web Tracker Edition
via Martin Brinkmann writing at his eponymous blog: gHacks Technology News, tells the tale of Password Manager Exploitation by nefarious-minded Web Trackers. Certainly Wednesday's MustRead, yes? 'Research from Princeton's Center for Information ...
20 Critical Security Controls: Control 7 – Email and Web Browser Protections
Today, I will be going over Control 7 from version 7 of the CIS top 20 Critical Security Controls – Email and Web Browser Protections. I will go through the 10 requirements ...
XKCD, Conversational Dynamics
via the comic content delivery system known as Randall Munroe at ! Permalink ...
Tech support scam alarms Chrome users
Health Security Solutions | | browser, Chrome, cyberthreat, google, Mac, Malware, scam, security, security bloggers network, web, Windows
With evolving technology comes evolving threats. Recently, a researcher revealed that a new type of scam freezes Google Chrome and tricks users into believing that their network security has been compromised. Little ...
Solving the Security B-Sides London 2012 Web Hacking Challenge
Marc Wickenden (@marcwickenden) | | 2012, BSides, challenge, challenges, cons, Hacking, London, security, web
This year (2012) I wrote a web hacking challenge for BSides London. Rather than write a lengthy blog post about how to solve it (when others have already covered it), I thought ...
Web Servers as an Attack Vector
For a long time in computer security, we have been focused on protecting workstations, and rightly so. Viruses, worms, remote access Trojans, and other malware have targeted the end-user workstation, and unfortunately, ...
The Case for Hybrid Identity-as-a-Service
Michael Mongold | | Cloud, ESSO, hybrid, IDaaS, identity, Michael, Mongold, PasswordBank, PCI, Problem, security, solution, sso, web, Web/Tech
Hybrid Identity-as-a-Service (IDaaS) provides a clear path to reducing the dangers associated with cloud-adoption ...