Posts Tagged ‘Firefox’

Firefox logo

secure connection

To protect your data and computer users, Mozilla Corporation had prepared a list of sites that Firefox must be connected only in protected mode.

To force the browser to establish a secure connection server mechanism uses HTTP Strict Transport Security, reported in Mozilla.

With HSTS server signals the need to secure the connection. But when the browser connects to that server for the first time, it is unknown whether to apply a secure connection, as it can be unreliable. To work around this problem, Firefox made in advance sostavlennny list of domains that should be connected by default to HTTPS. So even if the attackers try to force the server to communicate over insecure protocols, the browser will not allow it, believe in Mozilla. (more…)

Firefox logo

Vulnerability in Firefox

In the browser, eliminated two XSS vulnerability attacks and one vulnerability disclosure of sensitive data.

Mozilla Foundation has released a security update Firefox 16.0.2, which eliminated three vulnerabilities.

The second in the last two weeks fix in Firefox resolves two vulnerabilities that can make XSS attack, and one vulnerability disclosure of sensitive data, which allows you to bypass security restrictions and implement a cross-domain object reading Location. (more…)

Vulnerability

Browser extension

Specialist anti-virus protection Zoltan Balazs announced the creation of a special program, which looks like an extension to the browser and perform almost all the functions typical of malware.

In particular, Balazs’s extension supports remote management, modification viewed web-pages, download and execute external code, theft of login information to log in to various services, bypassing two-factor authentication on the web-sites, and more. Among other things, Bazals promises to publish its program code in a public repository GitHub as an experimental corroboration of its findings about the vulnerabilities of modern browsers.

Balazs himself working in the Hungarian branch of the well-known consulting firm Deloitte. His product, he decided to show what risks may pose a browser extension and the antivirus industry attention to this problem. Prior to the open publication Balazs shared his code with the major vendors.

When to use browser extensions for criminal activities are known. So, in May of this year, it was discovered an extension to the browser Chrome, which inserts false advertising page on Wikipedia. However, so far malicious extensions mainly served for fraud with online advertising, or for processing search requests to a fake website.┬áBalazs development shows that such extensions can be used for more serious attacks. (more…)

Firefox logoIn new beta-version of the 16-th version of Firefox, appeared a command line is designed for developers of browser.

New option serves as the command center of development tools. It allows you to display and change the cookies, take screenshots, debug code, enable and disable extensions and perform other developer.

Is Firefox browser command line 16 threat to information security? (more…)

Firefox logoMozilla this week released the browser Firefox 15.0.1, where the bug has been eliminated, the use of which allows a web site to get information about users, even if the browser is operated in private browsing.

Private browsing mode or Private Browsing allows Firefox users visit sites at the same time denying the very sites to collect data about users.

According to Mozilla, as usual Firefox Private Browsing does not have to save the pages you view on your computer hard drive, as well as data retrieval forms, passwords, files to download, cookie and temporary files that are typically cache. (more…)