- Web Security Tracking Known Malicious Websites by ETag Identifiers
HTTP ETags can track malicious websites even when attackers rotate domain names for the same malicious server. CompuCom found a single ETag associated with malware that could filter 12 domains and...
- Risk Management Know the Alternatives When Negotiating IT Risk Mitigation Approaches
When business managers reject expensive security recommendations, present alternative mitigation options—such as virtual patching as a stopgap before code fixes. Understanding your BATNA (Best...
- Tools 4 Free Tools to Detect Local Insecure Browser Plugins
Four free tools can identify locally-installed browser plugins that need security patches: Google Chrome's built-in warnings and Secbrowsing extension, Mozilla's Plugin Check page, Qualys...
- Malware Respect the Browser - Security Awareness Recommendations
Six brief browser safety recommendations for non-technical users: use bookmarks to avoid typosquatting, patch browsers and add-ons automatically, ensure HTTPS for sensitive data, log out properly,...
- Networking Web Application Firewalls (WAFs) Will Be Ubiquitous
WAFs are following the adoption trajectory of traditional network firewalls—both mitigate risk when securing individual components is impractical. Network firewalls protected weakly-configured...
- Malware Understanding Computer Attack and Defense Techniques
Modern attacks combine social engineering to bypass technical defenses, client-side exploits targeting browsers and add-ons, web application vulnerabilities like SQL injection, and persistent...