Get a Pentest and security assessment of your IT network.

Cyber Security

Web Browsers still allow drive-by-downloads in 2020

A new research shows that secure contexts such as sandboxed iframes can be abused to allow drive-by-downloads when visiting a website. The technique can be used to distribute unwanted software and malicious programs in the hopes that users will accidentally or mistakenly execute the downloads and get infected. With the release of Chrome 83, downloads are blocked in sandboxed cross-origin iframs, and the drive by-download technique did not work. Chrome 83 and Microsoft Edge 83 both allow it to block downloads, but Firefox and Brave browsers still allow it.

Source: https://www.bleepingcomputer.com/news/security/web-browsers-still-allow-drive-by-downloads-in-2020/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation