Threat Post

Phish Uses Google’s URL Decoding to Swim Past Defenses

Percentage-based URL encoding plus Google domain trickery is helping malicious emails to evade filters. A phishing campaign that takes advantage of Google’s ability to decode non-ASCII URL data on the ...
Bleeping Computer

Microsoft Phishing Attack Uses Google Redirects to Evade Detection

A new phishing campaign uses Google search query redirects to send potential victims to a phishing landing page designed to collect Microsoft Office 365 credentials via encoded URLs. The phishers ...
Streaming Media Magazine

Encoding.com: Streaming Media's Comprehensive Hands-On Review

As with most cloud encoding vendors, Encoding.com is optimized for use via an application programming interface (API), and a substantial bulk of its customers use the API rather than a browser-based ...
Computerworld

IE URI encoding behavior facilitates XSS attacks, researchers say

An inconsistency in how Microsoft’s Internet Explorer (IE) encodes double quotes in URIs (uniform resource identifiers) can facilitate cross-site scripting (XSS) attacks, researchers from security ...
Infosecurity-magazine.com

Tycoon Phishing Kit Utilizes New Capabilities to Hide Malicious Links

New techniques have been developed within the Tycoon phishing kit to hide malicious links in email attacks, researchers from Barracuda have warned. The use of URL encoding, among other new techniques, ...