Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites

Saturday, April 15th, 2017

There is a phishing attack that is receiving much attention today in the security community. As a reminder: A phishing attack is when an attacker sends you an email that contains a link to a malicious website. You click on the link because it appears to be trusted. Merely visiting the ...

Fake Font Update on Google Chrome Uses Social Engineering to Infect Users with Ransomware

Friday, February 24th, 2017

We’ve seen social engineering attacks manipulate users time and time again. From phishing emails, to baiting attempts – this breed of cyberthreat has continued to manipulate users for years. And now a new scam has emerged that utilizes a fake update on Google Chrome to trick users into downloading and ...

New ASLR-busting JavaScript is about to make drive-by exploits much nastier

Saturday, February 18th, 2017

For a decade, every major operating system has relied on a technique known as address space layout randomization to provide a first line of defense against malware attacks. By randomizing the computer memory locations where application code and data are loaded, ASLR makes it hard for attackers to execute malicious ...

A Study on Private Browsing: Consumer Usage, Knowledge, and Thoughts

Friday, February 3rd, 2017

At DuckDuckGo, our vision is to raise the standard of trust online. To that end, we strive to understand what people know about online privacy and how they use the privacy features available to them. This report focuses on the feature in web browsers commonly referred to as “Private Browsing.” “Private ...

Mozilla and Tor release urgent update for Firefox 0-day under active attack

Wednesday, November 30th, 2016

Developers with both Mozilla and Tor have published browser updates that patch a critical Firefox vulnerability being actively exploited to deanonymize people using the privacy service. "The security flaw responsible for this urgent release is already actively exploited on Windows systems," a Tor official wrote in an advisory published Wednesday afternoon. ...