Security News

Tor browser fixes bug that allows JavaScript to run when disabled

2020-03-17 12:16

The Tor browser has fixed a bug that could have allowed JavaScript to execute on websites even when users think they've disabled it for maximum anonymity. The Tor Project revealed the issue in the release notes for version 9.0.6, initially suggesting users manually disable JavaScript for the time being if the issue bothered them.

#browser #javascript #TOR

Avast pulls plug on insecure JavaScript engine in its security software suite

2020-03-13 02:16

Avast has disabled a component in its Windows anti-malware suite that posed, ironically enough, a significant security risk. The software maker switched off the JavaScript interpreter in its toolkit after Google Project Zero's Tavis Ormandy, and his colleagues, alerted the developer to design flaws in the code.

#avast #javascript #security

How to protect your organization against ad-based JavaScript exploits

2019-12-19 20:39

Cybercriminals continue to exploit weaknesses in JavaScript to try to steal sensitive data from consumers through advertising, according to DEVCON.

#exploit #javascript

NPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets

2019-12-13 02:05

Trio of vulnerabilities made registry full of uncertain code even more of a risk On Wednesday, NPM, Inc, the California-based biz that has taken it upon itself to organize the world's JavaScript...

#crypto #javascript #NPM #wallets

New JavaScript Skimmer Found on Ecommerce Sites

2019-11-15 22:33

Visa Security Researchers Say 'Pipka' Is Good at Avoiding DetectionSecurity researchers at Visa have uncovered a new type of JavaScript skimmer that has infected the online checkout pages for at...

#javascript #skimmer

Visa Warns of New JavaScript Skimmer 'Pipka'

2019-11-14 16:10

A new JavaScript skimmer targets data entered into the payment forms of ecommerce merchant websites, Visa Payment Fraud Disruption (PFD) warns. Dubbed Pipka, the skimmer was discovered on an...

#javascript #skimmer #visa

Week in review: Avast breach, deepfakes, VisibleV8 monitors JavaScript in the wild

2019-10-27 15:00

Here’s an overview of some of last week’s most interesting news and articles: Phishing attacks are a complex problem that requires layered solutions Most cyber attacks start with a social...

#avast #breach #deepfake #javascript

VisibleV8: Stealthy open source tool for monitoring JavaScript in the wild

2019-10-24 05:30

An open source tool that allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs has been developed at North Carolina State...

#javascript #opensource

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

2019-10-15 10:49

In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for...

#attack #firefox #javascript

Web clickjacking fraud makes a comeback thanks to JavaScript tricks

2019-08-29 14:30

More than a decade after hitting the headlines, clickjacking fraud remains an under-reported hazard on hundreds of popular websites.

#clickjacking #fraud #javascript #WEB

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News