Security News
Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems. While this issue came with a low crash rate on previous Firefox versions, Linux users have started seeing more and more crashes after updating to Firefox 86 last month.
Firefox Total Cookie Protection comprehensively partitions cookies and other site data between websites. Mozilla has added Total Cookie Protection to both the desktop and mobile versions of its browser, though the feature isn't enabled by default.
Several Tibetan organizations were targeted in a cyber-espionage campaign by a state-backed hacking group using a malicious Firefox extension designed to hijack Gmail accounts and infect victims with malware. The Chinese state hackers also infected victims with the Scanbox malware reconnaissance framework, which allowed them to harvest their targets' data and log their keystrokes.
Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems. "Threat actors aligned with the Chinese Communist Party's state interests delivered a customized malicious Mozilla Firefox browser extension that facilitated access and control of users' Gmail accounts," Proofpoint said in an analysis.
A newly uncovered cyberattack is taking control of victims' Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. FriarFox gives cybercriminals various types of access to users' Gmail accounts and Firefox browser data.
The Mozilla Foundation has released its latest version of the Firefox browser, which comes with new privacy protections to squash cross-site cookie tracking, as well as a slew of security vulnerability fixes. "Total Cookie Protection confines cookies to the site where they were created, which prevents tracking companies from using these cookies to track your browsing from site to site," said Tim Huang, Johann Hofmann and Arthur Edelstein with Mozilla on Tuesday.
Mozilla has revised the way the latest build of the Firefox browser handles HTTP cookies to prevent third-parties from using them to track people online, as part of improvements in build 86 of the code. The third-party cookies placed by these scripts can be read on other websites that also load tracking code and are often used to follow people from website to website in order to build interest profiles for behavioral ad targeting.
Mozilla this week announced improved user privacy in Firefox 86, with the introduction of a new feature aimed at preventing the tracking of users from site to site. Called Total Cookie Protection and built into Enhanced Tracking Protection Strict Mode, the new feature was designed to confine cookies to the websites that created them, and complements the Supercookie Protections that Mozilla introduced in Firefox 85 last month.
Mozilla Firefox 86 was released today with Total Cookie Protection, a new privacy feature that prevents web trackers from keeping tabs on your activity while browsing the web. With the release of Firefox 86, all other Firefox development branches have also moved up a version bringing Firefox Beta to version 87, and the Nightly builds to version 88.
An update released last week by Mozilla for Firefox 85 patches a critical information disclosure vulnerability that can be chained with other security flaws to achieve arbitrary code execution. In its advisory for the vulnerability - the bug currently does not have a CVE identifier - Mozilla described it as a "Buffer overflow in depth pitch calculations for compressed textures." The issue, reported by researchers Abraruddin Khan and Omair through Trend Micro's Zero Day Initiative, apparently only impacts Firefox running on Windows - other operating systems are not affected.