For years, Apple, Firefox, Google and Microsoft relentlessly made the point that in order to avoid rogue sites you must make sure your browser “padlock” is either locked, green or is otherwise indicating a site as being “secure.” Now, cybersecurity firms are stressing that those padlocks are not enough.
“You must look beyond the lock,” said Dean Coclin, senior director of business development at DigiCert. “They simply can’t be trusted anymore.”
That’s because, years after all major browsers have added visual safety cues to their address bars, the majority of bad guys are also using them.
Read more…
Source: ThreatPost