BROWSER BUG |
| 2009-07-17 | John Bambenek | Cross-Platform, Cross-Browser DoS Vulnerability |
BROWSER |
| 2023-04-13/a> | Johannes Ullrich | HTTP: What's Left of it and the OCSP Problem |
| 2023-02-16/a> | Jan Kopriva | HTML phishing attachment with browser-in-the-browser technique |
| 2022-08-23/a> | Xavier Mertens | Who's Looking at Your security.txt File? |
| 2022-06-22/a> | Xavier Mertens | Malicious PowerShell Targeting Cryptocurrency Browser Extensions |
| 2022-05-17/a> | Xavier Mertens | Use Your Browser Internal Password Vault... or Not? |
| 2020-06-11/a> | Xavier Mertens | Anti-Debugging JavaScript Techniques |
| 2018-09-07/a> | Xavier Mertens | Crypto Mining in a Windows Headless Browser |
| 2018-05-30/a> | Bojan Zdrnja | The end of the lock icon |
| 2017-12-03/a> | Xavier Mertens | StartSSL: Termination of Services is Now Scheduled |
| 2015-05-20/a> | Brad Duncan | Logjam - vulnerabilities in Diffie-Hellman key exchange affect browsers and servers using TLS |
| 2013-12-11/a> | Johannes Ullrich | Browser Fingerprinting via SSL Client Hello Messages |
| 2013-09-13/a> | Rob VandenBrink | Update for Safari to version 5.1.10 is out - http://support.apple.com/kb/HT5921 |
| 2012-07-23/a> | Johannes Ullrich | Most Anti-Privacy Web Browsing Tool Ever? |
| 2012-06-04/a> | Rob VandenBrink | Browsers and SSL Security - a Race to the Bottom ! |
| 2012-05-22/a> | Johannes Ullrich | The "Do Not Track" header |
| 2011-08-26/a> | Daniel Wesemann | User Agent 007 |
| 2011-06-09/a> | Richard Porter | One Browser to Rule them All? |
| 2011-04-10/a> | Raul Siles | Recent security enhancements in web browsers (e.g. Google Chrome) |
| 2011-03-23/a> | Johannes Ullrich | Firefox 4 Security Features |
| 2011-01-27/a> | Chris Carboni | Opera Updates |
| 2010-12-18/a> | Raul Siles | Google Chrome (Stable and Beta) have been updated to 8.0.552.224 for all platforms (Chrome OS too). http://bit.ly/fW04cr |
| 2010-10-12/a> | Adrien de Beaupre | New version of Opera- Opera 10.63 is a recommended upgrade offering security and stability enhancements: http://www.opera.com/browser/download/ |
| 2010-06-23/a> | Scott Fendley | Opera Browser Update |
| 2010-05-19/a> | Jason Lam | EFF paper about browser tracking |
| 2010-02-03/a> | Rob VandenBrink | Support for Legacy Browsers |
| 2010-01-27/a> | Raul Siles | Google Chrome v4.0.249.78 Released: http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html |
| 2009-07-17/a> | John Bambenek | Cross-Platform, Cross-Browser DoS Vulnerability |
| 2009-03-19/a> | Mark Hofman | Browsers Tumble at CanSecWest |
| 2009-03-04/a> | Deborah Hale | Firefox Releases version 3.0.7 |
| 2008-12-17/a> | donald smith | Opera 9.6.3 released with security fixes |
| 2008-12-12/a> | Swa Frantzen | Browser Security Handbook |
| 2008-08-20/a> | Adrien de Beaupre | From the mailbag, Opera 9.52... |
| 2008-06-19/a> | William Stearns | Firefox vunerability |
| 2008-04-18/a> | John Bambenek | EV SSL Certificates - Just once, why can't one of our poorly considered quick fixes work? |
| 2008-03-24/a> | Raul Siles | Next-generation Web browsers? |
BUG |
| 2025-02-06/a> | Xavier Mertens | The Unbreakable Multi-Layer Anti-Debugging System |
| 2024-11-19/a> | Xavier Mertens | Detecting the Presence of a Debugger in Linux |
| 2024-06-06/a> | Xavier Mertens | Malicious Python Script with a "Best Before" Date |
| 2022-08-23/a> | Xavier Mertens | Who's Looking at Your security.txt File? |
| 2022-01-02/a> | Guy Bruneau | Exchange Server - Email Trapped in Transport Queues |
| 2021-09-29/a> | Yee Ching Tok | Keeping Track of Time: Network Time Protocol and a GPSD Bug |
| 2021-08-20/a> | Xavier Mertens | Waiting for the C2 to Show Up |
| 2021-07-06/a> | Xavier Mertens | Python DLL Injection Check |
| 2021-05-21/a> | Xavier Mertens | Locking Kernel32.dll As Anti-Debugging Technique |
| 2021-01-30/a> | Guy Bruneau | Wireshark 3.2.11 is now available which contains Bug Fixes - https://www.wireshark.org |
| 2020-09-24/a> | Xavier Mertens | Party in Ibiza with PowerShell |
| 2020-06-11/a> | Xavier Mertens | Anti-Debugging JavaScript Techniques |
| 2020-06-04/a> | Xavier Mertens | Anti-Debugging Technique based on Memory Protection |
| 2017-02-25/a> | Guy Bruneau | Unpatched Microsoft Edge and IE Bug |
| 2016-02-27/a> | Guy Bruneau | Wireshark Fixes Several Bugs and Vulnerabilities |
| 2015-02-12/a> | Johannes Ullrich | Did You Remove That Debug Code? Netatmo Weather Station Sending WPA Passphrase in the Clear |
| 2014-09-19/a> | Guy Bruneau | PHP Fixes Several Bugs in Version 5.4 and 5.5 |
| 2014-04-08/a> | Guy Bruneau | OpenSSL CVE-2014-0160 Fixed |
| 2013-07-28/a> | Guy Bruneau | Wireshark 1.8.9 and 1.10.1 Security Update |
| 2013-06-22/a> | Guy Bruneau | Facebook Reports a Potential Leak of User Data |
| 2012-03-27/a> | Guy Bruneau | Wireshark 1.6.6 and 1.4.2 Released |
| 2012-03-27/a> | Guy Bruneau | Opera 11.62 for Windows patch several bugs and vulnerabilities - http://www.opera.com/docs/changelogs/windows/1162/ |
| 2010-12-22/a> | John Bambenek | IIS 7.5 0-Day DoS (processing FTP requests) |
| 2010-04-10/a> | Andre Ludwig | New bug/exploit for javaws |
| 2010-02-26/a> | Rick Wanner | New version of FireBug Firefox plug-in - http://getfirebug.com/ |
| 2009-12-28/a> | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug) |
| 2009-10-26/a> | Johannes Ullrich | Today: ISC Login bugfix day. If you have issues logging in using OpenID, please email a copy of your OpenID URL to jullrich\at\sans.edu |
| 2009-08-31/a> | Pedro Bueno | Microsoft IIS 5/6 FTP 0Day released |
| 2009-07-17/a> | John Bambenek | Cross-Platform, Cross-Browser DoS Vulnerability |
| 2008-07-11/a> | Jim Clausing | And you thought the DNS issue was an old one... |
