Fake Font Update on Google Chrome Uses Social Engineering to Infect Users with Ransomware

Friday, February 24th, 2017

We’ve seen social engineering attacks manipulate users time and time again. From phishing emails, to baiting attempts – this breed of cyberthreat has continued to manipulate users for years. And now a new scam has emerged that utilizes a fake update on Google Chrome to trick users into downloading and ...

Announcing the first SHA1 collision

Friday, February 24th, 2017

Cryptographic hash functions like SHA-1 are a cryptographer’s swiss army knife. You’ll find that hashes play a role in browser security, managing code repositories, or even just detecting duplicate files in storage. Hash functions compress large amounts of data into a small message digest. As a cryptographic requirement for wide-spread ...

New ASLR-busting JavaScript is about to make drive-by exploits much nastier

Saturday, February 18th, 2017

For a decade, every major operating system has relied on a technique known as address space layout randomization to provide a first line of defense against malware attacks. By randomizing the computer memory locations where application code and data are loaded, ASLR makes it hard for attackers to execute malicious ...

This ‘invisible’ memory-based malware is infiltrating organisations across the globe

Thursday, February 9th, 2017

Cybercriminals are launching 'invisible' attacks to infiltrate the networks of organisations to steal login credentials and financial data -- and the only tool they're using is legitimate software. It's thought that over 140 organisations including banks, telecommunications companies, and government organisations across the globe have fallen victim to these hidden malware ...

A Study on Private Browsing: Consumer Usage, Knowledge, and Thoughts

Friday, February 3rd, 2017

At DuckDuckGo, our vision is to raise the standard of trust online. To that end, we strive to understand what people know about online privacy and how they use the privacy features available to them. This report focuses on the feature in web browsers commonly referred to as “Private Browsing.” “Private ...