Security News
A report released Tuesday by security provider Tala Security maintains that most major websites are ill-equipped to combat the flaws in JavaScript, thus putting their customer and user data at risk. For its "2020 Global Data at Risk State of the Web Report," Tala analyzed the security defenses of the top 1,000 websites as ranked by Alexa.
Barclays Bank appears to have been using no less than the Internet Archive's Wayback Machine as a "Content distribution network" to serve up a Javascript file. Archive.org went down, it would presumably break Barclays' website as well.
The Tor browser has fixed a bug that could have allowed JavaScript to execute on websites even when users think they've disabled it for maximum anonymity. The Tor Project revealed the issue in the release notes for version 9.0.6, initially suggesting users manually disable JavaScript for the time being if the issue bothered them.
Avast has disabled a component in its Windows anti-malware suite that posed, ironically enough, a significant security risk. The software maker switched off the JavaScript interpreter in its toolkit after Google Project Zero's Tavis Ormandy, and his colleagues, alerted the developer to design flaws in the code.
Cybercriminals continue to exploit weaknesses in JavaScript to try to steal sensitive data from consumers through advertising, according to DEVCON.
Trio of vulnerabilities made registry full of uncertain code even more of a risk On Wednesday, NPM, Inc, the California-based biz that has taken it upon itself to organize the world's JavaScript...
Visa Security Researchers Say 'Pipka' Is Good at Avoiding DetectionSecurity researchers at Visa have uncovered a new type of JavaScript skimmer that has infected the online checkout pages for at...
A new JavaScript skimmer targets data entered into the payment forms of ecommerce merchant websites, Visa Payment Fraud Disruption (PFD) warns. Dubbed Pipka, the skimmer was discovered on an...
Here’s an overview of some of last week’s most interesting news and articles: Phishing attacks are a complex problem that requires layered solutions Most cyber attacks start with a social...
An open source tool that allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs has been developed at North Carolina State...