Security News

New Firefox version fixes Linux crashes, Apple Silicon hangs
2021-03-11 19:40

Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems. While this issue came with a low crash rate on previous Firefox versions, Linux users have started seeing more and more crashes after updating to Firefox 86 last month.

Firefox Total Cookie Protection comes to mobile and desktop versions
2021-03-08 16:09

Firefox Total Cookie Protection comprehensively partitions cookies and other site data between websites. Mozilla has added Total Cookie Protection to both the desktop and mobile versions of its browser, though the feature isn't enabled by default.

Malicious Firefox extension allowed hackers to hijack Gmail accounts
2021-02-26 15:09

Several Tibetan organizations were targeted in a cyber-espionage campaign by a state-backed hacking group using a malicious Firefox extension designed to hijack Gmail accounts and infect victims with malware. The Chinese state hackers also infected victims with the Scanbox malware reconnaissance framework, which allowed them to harvest their targets' data and log their keystrokes.

Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations
2021-02-25 23:39

Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems. "Threat actors aligned with the Chinese Communist Party's state interests delivered a customized malicious Mozilla Firefox browser extension that facilitated access and control of users' Gmail accounts," Proofpoint said in an analysis.

Malicious Mozilla Firefox Extension Allows Gmail Takeover
2021-02-25 17:04

A newly uncovered cyberattack is taking control of victims' Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. FriarFox gives cybercriminals various types of access to users' Gmail accounts and Firefox browser data.

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking
2021-02-24 20:50

The Mozilla Foundation has released its latest version of the Firefox browser, which comes with new privacy protections to squash cross-site cookie tracking, as well as a slew of security vulnerability fixes. "Total Cookie Protection confines cookies to the site where they were created, which prevents tracking companies from using these cookies to track your browsing from site to site," said Tim Huang, Johann Hofmann and Arthur Edelstein with Mozilla on Tuesday.

Mozilla Firefox keeps cookies kosher with quarantine scheme, 86s third-party cookies in new browser build
2021-02-24 07:02

Mozilla has revised the way the latest build of the Firefox browser handles HTTP cookies to prevent third-parties from using them to track people online, as part of improvements in build 86 of the code. The third-party cookies placed by these scripts can be read on other websites that also load tracking code and are often used to follow people from website to website in order to build interest profiles for behavioral ad targeting.

New Firefox Feature Ups the Ante Against Cookie-Based Tracking
2021-02-24 03:03

Mozilla this week announced improved user privacy in Firefox 86, with the introduction of a new feature aimed at preventing the tracking of users from site to site. Called Total Cookie Protection and built into Enhanced Tracking Protection Strict Mode, the new feature was designed to confine cookies to the websites that created them, and complements the Supercookie Protections that Mozilla introduced in Firefox 85 last month.

Firefox 86 gets a privacy boost with Total Cookie Protection
2021-02-23 15:12

Mozilla Firefox 86 was released today with Total Cookie Protection, a new privacy feature that prevents web trackers from keeping tabs on your activity while browsing the web. With the release of Firefox 86, all other Firefox development branches have also moved up a version bringing Firefox Beta to version 87, and the Nightly builds to version 88.

Critical Firefox Vulnerability Can Allow Code Execution If Chained With Other Bugs
2021-02-09 14:09

An update released last week by Mozilla for Firefox 85 patches a critical information disclosure vulnerability that can be chained with other security flaws to achieve arbitrary code execution. In its advisory for the vulnerability - the bug currently does not have a CVE identifier - Mozilla described it as a "Buffer overflow in depth pitch calculations for compressed textures." The issue, reported by researchers Abraruddin Khan and Omair through Trend Micro's Zero Day Initiative, apparently only impacts Firefox running on Windows - other operating systems are not affected.