Security News
A Mozilla Foundation update to the Firefox web browser, released Tuesday, tackles one critical vulnerability and a handful of high-severity bugs. The specific critical bug in Firefox was also highlighted earlier this month in Google's Chrome browser security update, where it was rated as a high-severity flaw.
Mozilla Firefox 84 was released today with a dramatic performance boost after adding native support on macOS devices with Apple Silicon processors. With the release of Firefox 84, all other Firefox development branches have also moved up a version bringing Firefox Beta to version 85 and the Nightly builds to version 86.
When searching for things online, has a greater number of ads than usual been popping up at the top of your search results? If it has, and you're using Microsoft Edge, Google Chrome, Yandex Browser, or Mozilla Firefox, you might have fallen prey to the ad-injecting Adrozek malware. Modifying browser extensions by adding malicious scripts to them, which fetch additional scripts to injecting advertisements into search results.
Microsoft on Thursday took the wraps off an ongoing campaign impacting popular web browsers that stealthily injects malware-infested ads into search results to earn money via affiliate advertising. The campaign - which impacts Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox browsers on Windows - aims to insert additional, unauthorized ads on top of legitimate ads displayed on search engine results pages, leading users to click on these ads inadvertently.
On Thursday Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud. Since at least May, 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said.
On Thursday Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud. Since at least May, 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said.
Two information disclosure vulnerabilities recently identified in the Chrome, Edge, and Firefox web browsers may be exploited to obtain information on applications on the system, Fortinet reports. The bugs impact Protocol Handlers, which are related to a mechanism that allows apps to register their own URI schemes used for process execution.
"In light of the very high availability of HTTPS, we believe that it is time to let our users choose to always use HTTPS. That's why we have created HTTPS-Only Mode, which ensures that Firefox doesn't make any insecure connections without your permission," Mozilla says. Once HTTPS-Only Mode has been enabled, Firefox will attempt to always establish a fully secure connection to the visited website, and even if the user clicks on an HTTP link or manually enters it, the browser will still use HTTPS instead. The new feature can be enabled from the "Preferences" menu, in the "Privacy & Security" section.
A crafty person could have slurped every single cookie from a Firefox-using Android device by tricking a user to look at a specially crafted HTML file. So found infosec researcher Pedro Oliveira, who discovered a vulnerability in the way Firefox handled local files through content:// URIs that allowed him to remotely retrieve copies of all cookies saved on the device - giving him access to a reasonable estimate of the websites viewed by the device's user.
Mozilla Firefox 83 was released today with a new feature called 'HTTPS-Only Mode' that secures your browsing sessions by rewriting URLs to secure HTTPS versions. Windows, Mac, and Linux desktop users can upgrade to Firefox 83 by going to Options -> Help -> About Firefox.