Mozilla and Tor release urgent update for Firefox 0-day under active attack

Wednesday, November 30th, 2016

Developers with both Mozilla and Tor have published browser updates that patch a critical Firefox vulnerability being actively exploited to deanonymize people using the privacy service. "The security flaw responsible for this urgent release is already actively exploited on Windows systems," a Tor official wrote in an advisory published Wednesday afternoon. ...

NoScript and other popular Firefox add-ons open millions to new attack

Tuesday, April 5th, 2016

NoScript, Firebug, and other popular Firefox add-on extensions are opening millions of end users to a new type of attack that can surreptitiously execute malicious code and steal sensitive data, a team of researchers reported. The attack is made possible by a lack of isolation in Firefox among various add-ons installed ...

How to avoid the latest LastPass Phishing Attack

Saturday, January 16th, 2016

Sean Cassidy discovered recently that the popular password manager LastPass is vulnerable to a  phishing attack that takes advantage of the way messages are displayed to users of the service. The method that he describes on his blog works in Google Chrome, and to a degree in Firefox as well. The main ...

Flash/HTML5 in Firefox

Friday, July 31st, 2015

I've been asked a lot lately about uninstalling Flash in Firefox and why users are still being served the Flash versions on Youtube, for example, and requiring them to install it before displaying the video.  I was asked again today and thought I would quickly post something about it. The easiest ...

Beware: Hola VPN turns your PC into an exit node and sells your traffic

Thursday, May 28th, 2015

Hola is a popular virtual private network (VPN) provider that is available for various web browsers including Google Chrome, Mozilla Firefox and Internet Explorer, as well as desktop and mobile operating systems. It is free to use and if you check ratings and users on Chrome's Web Store alone, you will ...