WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation
We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we’ve seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.
Hyperlink auditing: where has my option to disable it gone?
Hyperlink auditing is not a new way to track website users, but it could become more popular, as many browsers are taking away user options to disable it.
Browser push notifications: a feature asking to be abused
Whoever invented browser push notifications must have been able to guess they would be abused for advertising. This post explains what they are and how to disable them.
Browser-based fingerprinting: implications and mitigations
This post covers the information disclosure bugs in Internet Explorer and Edge that we sometimes refer to as ‘fingerprinting’. We review past flaws as well as a currently unpatched one used in the wild before exploring some long term mitigations.
