04/21/2017 | News release | Distributed by Public on 04/21/2017 10:25
Here's what you need to know about a new browser security threat. This information was originally covered by Mark Maunder on Wordfence.
The latest cybersecurity threat to you and your users may just lie on the very browser you are using to read this article.
A new attack is making the rounds on both Firefox and Chrome browsers (software details below). The threat uses Unicode to register domains that look completely identical to actual domains. Users can be fooled into signing into these fake websites, providing login credentials or other personal information and instantly exposing secure information to the attackers.
A new attack tricks users into logging into seemingly secure, fake websites, exposing secure information to attackers.
This attack is possible due to 'Punycode' support in browsers. Punycode makes it possible to register a domain with foreign characters. For example, xn--80ak6aa92e.com shows up as apple.com when launched in a browser. The xn-- prefix is what is known as an ASCII compatible encoding prefix. It lets the browser know that the domain uses Punycode encoding to represent Unicode characters.
Attackers can use the Unicode characters for popular sites and can also obtain SSL certificates for their fake sites, which would then appear as secure (indicated by a green padlock) to users. This affects the current version of Chrome browser, which is version 57.0.2987, and the current version of Firefox, which is version 52.0.2.
For security-conscious organizations, it is imperative to be protected against these types of threats. Deploying a secure browser, such as VMware Browser, helps to safeguard your organization and your employees from unpredictable threats such as this.
VMware Browser operates similarly to popular browsers such as Chrome and Safari. With a native user experience, users can securely access the information they need on the go. VMware Browser also integrates with secure backend networks to provide users with instant access to corporate web apps and intranet sites without manually connecting to VPN.
Please note: If you are a customer using VMware Browser today, you will not be affected by this threat.
The threat of a cyber attack is an ever-looming topic. Stay informed with cybersecurity news on the AirWatch Blog: