Threat Post

Phish Uses Google’s URL Decoding to Swim Past Defenses

Percentage-based URL encoding plus Google domain trickery is helping malicious emails to evade filters. A phishing campaign that takes advantage of Google’s ability to decode non-ASCII URL data on the ...
Network World

IE URI encoding behavior facilitates XSS attacks, researchers say

An inconsistency in how Microsoft’s Internet Explorer (IE) encodes double quotes in URIs (uniform resource identifiers) can facilitate cross-site scripting (XSS) attacks, researchers from security ...
Search Engine Roundtable

Google: Do Not Use Commas, Brackets Or Non-Standard URL Encoding For Faceted Navigation

Google's John Mueller confirmed that the search company's 2014 guidance with faceted navigation remains true today - do not use non-standard URL encoding. That means do not use commas, brackets or ...