University researchers created a browser-based JavaScript that leverages a phone’s smart device sensor data to steal PINs.
Tag Archives: chrome
Firefox 52 Expands Non-Secure HTTP Warnings, Enables SHA-1 Deprecation
The latest version of Firefox expands non-secure HTTP warnings, enables SHA-1 deprecation by default, and removes support for NPAPI.
Browser AutoFill Feature Can Leak Your Personal Information to Hackers
Just like most of you, I too really hate filling out web forms, especially on mobile devices.
To help make this whole process faster, Google Chrome and other major browsers offer “Autofill” feature that automatically fills out web form based on data you have previously entered in similar fields.
However, it turns out that an attacker can use this autofill feature against you and trick you
Microsoft Silently Fixes Kernel Bug That Led to Chrome Sandbox Bypass
Microsoft appears to have silently fixed a two-year-old bug in in Windows Kernel Object Manager that could have allowed for the bypass of privileges in Google’s Chrome browser.
Half of Chrome Pageloads are HTTPS
Google said that more than half of pageloads on Chrome across platforms are encrypted; Android as the lone laggard, but trending upward.
Google to Distrust WoSign, StartCom Certs in 2017
Google announced Monday that it will distrust certificates issued by WoSign and StartCom when in it ships Chrome 56 in January 2017.
Mozilla Wants to Drop WoSign as Trusted CA
Mozilla has proposed banning new SHA-1 certificates from Chinese Certificate Authority WoSign for one year after it accused the CA of back-dating the deprecated certs.
Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs
Google patched 33 bugs in total in Chrome 53, almost half of which are branded high severity by the company.
Browser Address Bar Spoofing Vulnerability Disclosed
Chrome, Firefox and likely other major browsers are afflicted by a vulnerability that allows attackers to spoof URLs in the address bar.
Google Patches Two High-Severity Flaws in Chrome
Chrome 51.0.2704.79 for Windows, Mac, and Linux was released Wednesday and patched 15 vulnerabilities, including two high-severity flaws eligible for bounties