We often think that as long as we avoid the darker corners of the internet we will be safe. Once again events have shown that to be a false sense of security, as shown in this article from ArsTechnica. In this instance, hackers used banner ads on huffingtonpost.com, zillow.com and other major legitimate websites to distribute ransomware (malware that encrypts your hard drive to extort payment to decrypt it). They used a Flash exploit disguised as a Hugo Boss advertisement, which was then shown by third-party advertiser AdButler via Google’s DoubleClick advertising network, on many well known websites. A second similar attack came through Merchanta via DoubleClick again. Simply visiting any of the pages showing the ad was enough to launch the attack, and ultimately compromise the visitor’s computer. The browser is incredibly vulnerable to this kind of attack, and unfortunately there are no places where you can be safe on the web. I talked about the reasons why browsers are so vulnerable, and our beliefs about how to solve the problem in a recent webinar.