Firefox

Pierluigi Paganini June 11, 2020
Cisco discloses technical details for Firefox code execution flaw

Cisco Talos experts released technical details on a recently addressed vulnerability in Firefox that could be exploited for code execution. Security experts from Cisco Talos have released technical details on a recently addressed vulnerability in Firefox, tracked as CVE-2020-12405, that could be exploited by attackers for remote code execution. The issue is a use-after-free in SharedWorkerService […]

Pierluigi Paganini April 24, 2020
Mozilla offers bigger rewards for Firefox flaws under its bug bounty program

Mozilla announced some changes to its Firefox bug bounty program, it promises bigger rewards for vulnerabilities and will accept duplicate reports if necessary. Mozilla announced some major changes to its bug bounty program that was first launched in 2004. The organization paid out $965,750 for roughly 350 vulnerabilities, the average payout for each issue was […]

Pierluigi Paganini April 09, 2020
Google and Mozilla address serious flaws in Firefox and Chrome browsers

Google and Mozilla released new versions of Chrome and Firefox browsers to addressed several high-severity vulnerabilities. Mozilla has released Firefox version 75 that includes six security patches for the desktop, and two patches targeting to address vulnerabilities in the Android app. “With today’s release, a number of improvements will help you search smarter, faster.” reads the […]

Pierluigi Paganini April 04, 2020
Firefox 74.0.1 addresses two zero-days exploited in the wild

Mozilla releases Firefox version 74.0.1 to address two vulnerabilities exploited by threat actors in attacks in the wild, users should update their browsers asap. Mozilla is urging users to install the latest version of its browser, Firefox 74.0.1, which addresses two bugs that are being exploited in the wild by threat actors. The two vulnerabilities […]

Pierluigi Paganini April 03, 2020
Twitter discloses privacy issue that caused caching of files sent via DMs in Firefox

Twitter discloses a privacy issue in the way the Mozilla Firefox cached private files sent or received via DM for up to 7 days. Twitter admitted that the private files sent via Twitter DMs were cached inside the users’ Firefox browsers for up to seven days, even if users have logged off. The problem is […]

Pierluigi Paganini April 02, 2020
Hackers exploited IE and Firefox flaws in attacks on entities in China, Japan

An APT group is exploiting the flaws patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. An APT group is exploiting two vulnerabilities patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. The first issue, tracked as CVE-2019-17026, affects the Firefox […]

Pierluigi Paganini January 27, 2020
Mozilla banned hundreds of malicious Firefox add-ons over the last weeks

Mozilla is intensifying the efforts to protect its users, in the last couple of weeks, the security staff has banned 200 malicious Firefox add-ons. Over the past two weeks, Mozilla has reviewed and banned 197 Firefox add-ons because they were executing malicious code. The malicious Firefox add-ons were found stealing user data and for this […]

Pierluigi Paganini January 09, 2020
Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacks

Mozilla has released security updates for Firefox browser that address a zero-day flaw (CVE-2019-17026) that has been exploited in targeted attacks. Mozilla has released security updates to address a critical Firefox browser zero-day issue (CVE-2019-17026) that has been exploited in targeted attacks. The CVE-2019-17026 flaw is an “IonMonkey type confusion with StoreElementHole and FallibleStoreElement,” where IonMonkey is the […]

Pierluigi Paganini August 16, 2019
Mozilla addresses “master password” security bypass flaw in Firefox

The latest update released by Mozilla for Firefox patches a flaw in Firefox Password Manager that can be exploited to access stored passwords. The latest release for Mozilla Firefox (Firefox 68.0.2) fixes a vulnerability that can be exploited to bypass the master password in Firefox Password Manager and access stored passwords. “When a master password […]

Pierluigi Paganini July 03, 2019
Old known issue in Firefox allows HTML files to steal other files from victim’s system

Opening an HTML file on Firefox could allow attackers to steal files stored on a victim’s computer due to a weakness in the popular web browser. The security expert Barak Tawily demonstrated that opening an HTML file on Firefox could allow attackers to steal files stored on a victim’s computer due to a 17-year-old known bug in […]