Browser Security News

After years of lagging behind on important security features, Apple has finally added a malware-blocker, a phishing filter and support for EV (extended validation) certificates into the latest refresh of its Safari Web browser.

A bug found in all major browsers could make it easier for criminals to steal online banking credentials using a new type of attack called "in-session phishing," according to researchers at security vendor Trusteer.

Browser security is quite a popular topic these days. As it turns out, password managers also have their share of security flaws that can lead to the disclosure of passwords and the like, which brings us to a bit of bad news for users of Safari.

Excerpted with permission and updated from the November 24 issue of MWJ, published by MacJournals.com. Copyright 2008, GCSF Incorporated. For more information on MWJ, visit www.macjournals.com.

Apple yesterday added anti-phishing protection to Safari, the last major browser to receive the feature that blocks known identity-stealing sites. The company also patched 11 security bugs in the program, the bulk of them specific to the Microsoft Windows version.

The battle for your in-box shows no signs of waning. Despite the efforts of software companies large and small, spammers and phishers continue to find and exploit weaknesses in junk-mail filters at the server and client levels.

A vulnerability in Microsoft’s Internet Explorer (IE) browser could help fraudsters make phishing websites appear legitimate, a security researcher reported Wednesday. The flaw lies in the way IE7 processes a locally stored HTML error message page that is typically shown when the user cancels the loading of a webpage, said Aviv Raff, a security researcher [...]

SecureIX launched last year with almost no hype surrounding it. Even we only came to know of it recently. Why something so seemingly important went unnoticed, is unknown. What SecureIX offers is a whole package of ’secure services’. An IMAP/POP SSL-enabled e-mail account with PGP encryption and 1 GB storage, Usenet newsgroup access, and an [...]

This update addresses an issue experienced by some users where CPU usage is high when they are navigating a page that contains multiple frames or when multiple frames are navigated simultaneously. This occurs when the phishing filter evaluates the page for each navigation, resulting in multiple simultaneous evaluations for the same page. If you have [...]

The CA/Browser Forum wants to bring increased safety to web banking and e-commerce by developing a new digital certificate that can better verify a site’s legitimacy. The technology is already included in Internet Explorer 7 and Opera 8 and certainly looks like a step in the right direction—for the companies that are able to get [...]