Mozilla

Pierluigi Paganini August 08, 2015
0-day attack on Firefox stole sensitive data and password

Mozilla released the version 39.0.3 Firefox to patch a critical 0-day vulnerability that has been exploited in the wild. A zero-day vulnerability in Mozilla FireFox was reported on Wednesday to the company. A user noticed that an ad displayed on a Russian news website was serving an a malicious code. The exploit discovered by the user […]

Pierluigi Paganini May 03, 2015
Mozilla Fundation, a step toward to full HTTPS implementation

The Mozilla Foundation is starting the operations to phase the HTTP connections in the Firefox browser according to “encrypt the Web” movement. According to roadmap defined by the Mozilla Foundation, the organization has started the process to move toward full HTTPS enforcement in Firefox browser In November 2014 the Electronic Frontier Foundation (EFF) and other firms, […]

Pierluigi Paganini January 30, 2015
Mozilla continues the phasing out of 1024-bit SSL CA certificates

Mozilla products including the Firefox browser will stop trusting SSL certificates that were issued using old root CA certificates with 1024-bit RSA keys. Mozilla products including the popular Firefox browser will stop trusting SSL certificates that were issued using old root CA certificates with 1024-bit RSA keys. With this decision Mozilla wants to stress certificate authorities (CAs) […]

Pierluigi Paganini October 06, 2014
UPDATE – Bugzilla Zero-Day could trigger another Internet earthquake

A zero-day in Bugzilla bug-tracking tool allows anyone to view detailed reports about unfixed vulnerabilities in a wide range of vulnerability repositories. A new vulnerability in Bugzilla is scaring the security industry, it affects the Mozilla’s bug-tracking software, and could have a serious impact. The vulnerability in Bugzilla could be exploited by attackers to view […]

Pierluigi Paganini August 29, 2014
97K Bugzilla users affected by data disclosure

Mozilla Security Team announced a new accidental disclosure of email addresses and encrypted passwords of about 97,000 Bugzilla users. On Wednesday, officials at Bugzilla, the bug-tracking system managed by Mozilla, confirmed that email addresses and encrypted passwords belonging to 97,000 of their users had been disclosed. Bugzilla is a bug-tracking software system widely used by […]

Pierluigi Paganini August 04, 2014
Tens of thousands of Mozilla developers emails and password exposed

Mozilla Security Team announced the accidental disclosure of MDN email addresses of about 76,000 users and encrypted passwords of about 4,000 users. Bad news for tens of thousands of Mozilla developers, their email addresses and encrypted passwords were accidentally exposed. The news was reported in blog post published on the official Mozilla Security Blog, the risk is […]

Pierluigi Paganini December 16, 2013
Advanced Power hits Firefox Users to conduct vulnerability scanning

KrebsOnSecurity has discovered an unusual botnet that disguises itself as a legitimate add-on for Mozilla Firefox to perform website vulnerability scanning. Krebson security blog posted an interesting article on a new concerning botnet infected more than 12,500 systems disguises itself as a legitimate add-on for Mozilla Firefox to hack websites on a large scale.  The botnet, […]