Security News

Mozilla has emitted security updates for Firefox to address eight CVE-listed security flaws, five of them considered to be high-risk vulnerabilities. Of the five high-risk flaws, three are confirmed to allow arbitrary code execution, which in the case of a web browser means that simply loading up a malicious page could lead to malware running on your machine.

12 of the 15 most popular video call apps meet Mozilla's Minimum Security Standards, according to a new report. Researchers with Mozilla decided to comb through the privacy policies, app specifications, and security features of 15 video call apps and platforms in their latest report, "*Privacy Not Included.

Mozilla's latest "*Privacy Not Included" report shows that twelve out of fifteen popular video call applications and platforms meet the organization's minimum security standards. What Mozilla's researchers discovered was that twelve of the analyzed apps meet Mozilla's Minimum Security Standards.

Mozilla on Thursday announced some changes to its Firefox bug bounty program, including bigger rewards and its decision to accept duplicate reports in some cases. The organization has been running a bug bounty program since 2004, and between 2017 and 2019 it paid out nearly $1 million for roughly 350 vulnerabilities.

Mozilla has released security updates for its Firefox browser in conjunction with a US Cybersecurity and Infrastructure Security Agency advisory warning that critical vulnerabilities in the browser are being actively exploited. To address these flaws, Firefox was updated to version 74.0.1 and Firefox Extended Support Release - a slower evolving version for enterprises - was updated to 68.6.1.

Mozilla has released updates for its Firefox web browser to patch two critical use-after-free vulnerabilities that have been exploited in attacks. Both flaws have been addressed with the release of Firefox 74.0.1 and Firefox ESR 68.6.1.

Have you come up with hardware or software that can help solve a problem that arose from COVID-19 and its worldwide spread? Mozilla is offering up to $50,000 to open source technology projects that are responding to the pandemic in some way. Online "Hackatons" - launched/sponsored by governments and various organizations in Poland, Estonia, China, the UK, Switzerland, India, Malaysia, and so on - are gathering participants from different sectors and with different skills to collaborate and come up with IT-based open source solutions to COVID-19-related medical, social and other problems.

Mozilla is getting ready to remove support for the File Transfer Protocol from the Firefox web browser due to security concerns. The Internet giant aims to completely remove support for FTP in Chrome 82.

The patched version of Mozilla's browser, launched on Tuesday, is Firefox 73 and Firefox ESR 68.5. One of the vulnerabilities, tracked as CVE-2020-6800, was fixed in a previous release of Firefox 72 and the current Firefox ESR 68.5 update on Tuesday.

We're committed to completely eradicating weak versions of TLS because at Mozilla we believe that user security should not be treated as optional. Although not exactly a household name, TLS is the encryption protocol that makes several types of secure connection possible, including secure versions of SMTP, POP3, FTP and of, course, HTTP. For example, when a browser visits a site using HTTPS, TLS sets up authentication, the exchange of session keys, and agreement on cipher suites.