Dynamic Pharming Attacks and Locked Same-Origin Policies for Web Browsers

MSDN Webcast: Internet Explorer 8 for Developers (Level 200)

Download

Windows Internet Explorer 8 ushers in a new wave of browser innovation from Microsoft, including Web Slices and Accelerators, while maintaining compatibility with the today's Web standards. The presenter of...

• Publisher:
• Microsoft

• Tags:
• web browsers

MSDN Webcast: Designing Creative DHTML, Silverlight UIs: Simple, Visualized & Intuitive (Level 300)

Download

The presenter of this webcast shows off the new point and click Visual WebGui Control & Theme Designer. This designer joins the well known drag and drop Visual WebGui Form...

• Publisher:
• Microsoft

• Tags:
• html,
• designer,
• visual webgui,
• webgui

MSDN Webcast: Silverlight Controls Framework (Level 100)

Download

The presenter of this webcast provides an overview of the Microsoft Silverlight controls and controls model. The presenter shows how to use Silverlight controls and how to make minor visual...

• Publisher:
• Microsoft

• Tags:
• web browsers

The Security Architecture of the Chromium Browser

Download

Most current web browsers employ a monolithic architecture that combines "The User" and "The Web" into a single protection domain. An attacker who exploits arbitrary code execution vulnerability in such...

• Publisher:
• University of Washington

• Tags:
• web browsers

Leading TV and Online Sports Broadcaster Raises the Bar With Microsoft Silverlight

Download

Founded in 1992 and based in London, Setanta Sports is a leading Internet and pay-TV sports broadcaster, operating channels in the U.K., Ireland, North America, and Australia. Setanta wanted to...

• Publisher:
• Microsoft

• Tags:
• web browsers

The Seamless Browser: Enhancing the Speed of Web Browsing by Zooming and Preview Thumbnails

Download

This paper presents a new web browsing system, Seamless Browser, for fast link traversal on a large screen like TV In navigating web, users mainly suffer from cognitive overhead of...

• Publisher:
• Association for Computing Machinery

• Tags:
• web browsers

The World Wide Telecom Web Browser

Download

As the number of telephony voice applications grow, there will be a need for a browser to surf the Web of interconnected voice applications (called as VoiceSites). These VoiceSites are...

• Publisher:
• Association for Computing Machinery

• Tags:
• web browsers

Dynamic Pharming Attacks and Locked Same-Origin Policies for Web Browsers

Download

This paper describes a new attack against web authentication, which the paper calls dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim's browser malicious Javascript, which then...

• Publisher:
• Association for Computing Machinery

• Tags:
• web browsers

CSurf: A Context-Driven Non-Visual Web-Browser

Download

Web sites are designed for graphical mode of interaction. Sighted users can "Cut to the chase" and quickly identify relevant information in Web pages. On the contrary, individuals with visual...

• Publisher:
• Association for Computing Machinery

• Tags:
• web browsers

The HearSay Non-Visual Web Browser

Download

This paper describes HearSay, a non-visual Web browser, featuring context-directed browsing, a unique and innovative Web accessibility feature, and an extensible VoiceXML dialog interface. The browser provides most of the...

• Publisher:
• Association for Computing Machinery

• Tags:
• web browsers

Microsoft double whammy hammers spam

It's used by spammers to disguise the origin of their junk mail, and fraudsters to pretend their emails come from genuine financial institutions. Microsoft has merged two email authentication methods into a single proposed standard in an attempt to...

• Channel:
• The Spam Report

Microsoft patches three "critical" IE security holes

Some have said that IE vulnerabilities have become so common that web surfers should consider other browsers. Technically, the flaw is what's known as a cross-domain vulnerability, through which an attacker is able to cross a security boundary...

• Channel:
• Malware

Microsoft: Another busy Patch Tuesday

For example, MS06-042 delivers fixes for eight IE bugs, and the user has to be duped into visiting a malicious website for attacks based on the holes to succeed, Microsoft said. However, an attacker has to be on the same sub-network as the intended...

• Channel:
• Security Strategy
• Tags:
• patch tuesday,
• flaws,
• flaw,
• microsoft

More phishing attacks than infected emails

One particular form of man-in-the-middle attack tries to circumvent two-factor authentication by effectively hijacking a user session. More phishing sites are now using Flash content rather than HTML in an attempt to evade anti-phishing technology...

• Channel:
• Malware
• Tags:
• phishing sites,
• phishing,
• phishing scam

Security experts criticise Phorm

In the process of attaching the cookie to the browser session, the request is bounced to the ISP machine three times. These request bounce-backs would magnify any denial-of-service attack, according to Clayton, and could also create...

• Channel:
• Security Strategy
• Tags:
• threat,
• ads,
• phorm

Warning: The Storm still rages on

The two possible avenues of attack are spam with links to the as-yet-unlinked-to fast-flux sites, or injecting malicious iFrame tags into legitimate websites, which would download malware onto users' machines, warned Symantec.

• Channel:
• Malware
• Tags:
• malware,
• botnet,
• storm