Tag Archive for: mozilla

Central government urges immediate action for Mozilla Firefox users amid security concerns


certin, mozilla firefox, web browser, security alert, security warning, hacking attempts, hackers
Image Source : FILE Representational Image

CERT-In, the Indian Computer Emergency Response Team, has issued a security warning regarding Mozilla’s Firefox web browser. The alert mentioned potential vulnerabilities that could be exploited by hackers to access confidential user data. It’s concerning as Firefox faces not just one, but multiple security issues.

Affected Versions

  • Firefox ESR versions before 115.5.0
  • Firefox iOS versions before 120
  • Mozilla Thunderbird versions before 115.5

The Risks

The highlighted security flaws indicate the possibility of unauthorised access which poses a major threat to user security.

Protective Measures Advised by CERT-In

  1. Update Firefox Immediately: Users are strongly advised to update their Firefox browser promptly. This step is crucial in addressing and mitigating the identified security issues.
  2. Enable Automatic Updates: Ensure that automatic updates are enabled for your Firefox browser. This feature helps in keeping the browser’s security measures up-to-date.
  3. Exercise Caution with Links and Attachments: Avoid clicking on links and opening attachments from unknown senders, whether through messages or emails. This simple precaution can prevent potential security threats.

CERT-In’s Recent Alerts

In recent weeks, CERT-In has been proactive in issuing security alerts. Prior warnings included concerns about security problems in Chrome on Android and highlighted vulnerabilities in major applications developed by Adobe.

Tips to Stay Safe

Staying vigilant and taking immediate action to update software are critical steps in safeguarding against potential security breaches. As cyber threats continue to evolve, users are encouraged to follow best practices to protect their devices and sensitive information. For further details and the latest updates, users can refer to CERT-In’s official website.

ALSO READ | No charger? Check these tips to keep your iPhone alive in emergency situations

ALSO READ | Xiaomi’s HyperOS update details revealed- Is your smartphone on the…

Source…

Mozilla Warns of Fake Thunderbird Downloads Delivering Ransomware 


Mozilla issued a warning this week over malicious websites offering Thunderbird downloads after a ransomware group was caught using this technique to deliver malware.

Cybersecurity journalist Brian Krebs reported last week that a website where the Snatch ransomware group names victims had been leaking data, including visitor IPs and information on internal operations.

According to Krebs, the leaked data suggests that the Snatch cybercrime group has been using paid Google ads to deliver its malware disguised as popular applications such as Adobe Reader, Discord, Microsoft Teams, and Mozilla Thunderbird. 

Following Krebs’ findings, Mozilla issued a ‘ransomware alert’ this week, advising users to only download Thunderbird from trusted websites.

Mozilla noted that it’s actively trying to take down malicious websites offering Thunderbird, but they are hosted in Russia, which makes takedowns “difficult and often not effective”.

Thunderbird has a market share of less than one percent in the email client category. However, that still translates to a significant number of individuals and organizations, which could be targeted by the Snatch ransomware.

The US government issued an alert recently, warning critical infrastructure organizations of ongoing Snatch ransomware attacks.

Advertisement. Scroll to continue reading.

Related: FBI Warns Organizations of Dual Ransomware, Wiper Attacks

Related: After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

Related: Mozilla Patches High-Severity Vulnerabilities in Firefox, Thunderbird

Source…

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery


After Apple and Google, Mozilla has also released patches for an image processing-related zero-day vulnerability that has been exploited to deliver spyware. 

The existence of a new zero-day came to light on September 7, when Apple announced iOS and macOS updates to patch an exploited vulnerability tracked as CVE-2023-41064. The tech giant described the zero-day as a buffer overflow in the ImageIO component that can be exploited for arbitrary code execution using specially crafted images.

On the same day, the Citizen Lab group at the University of Torontoʼs Munk School reported that the vulnerability is part of a new zero-click exploit dubbed BlastPass that has been used to target iPhones running the latest version of iOS. 

Citizen Lab said the exploit, which had been used to deliver the NSO Group’s notorious Pegasus spyware via malicious images sent through iMessage, targeted an employee at a “Washington DC-based civil society organization with international offices”.

On September 11, Google also announced Chrome updates to patch a critical zero-day vulnerability whose existence was reported by Apple and Citizen Lab. Google, which tracks the flaw as CVE-2023-4863, said the issue impacts the WebP component used by its web browser.

WebP, an image format developed by Google, is offered as an alternative to JPEG, PNG and GIF. The significantly smaller size of WebP images results in web pages loading much faster.

The WebP format is also supported by Mozilla’s Firefox web browser, as well as its Thunderbird email client, and the organization on Tuesday announced releasing updates that should patch the zero-day. In the case of Firefox and Thunderbird, the vulnerability is in the libwebp component. Just like Google, Mozilla tracks the zero-day as CVE-2023-4863.

Advertisement. Scroll to continue reading.

Apple initially released patches for the zero-day on September 7, but only for the latest versions of iOS and macOS. On September 11, the company rolled out fixes for older versions of its operating systems, including for Macs (Monterey and Big Sur), and iPhones and iPads

The zero-day appears to have only been exploited in targeted attacks for now, but given the widespread…

Source…

Mozilla: Your New Car Is a Data Privacy Nightmare


Eighty-four percent of the brands that researchers studied share or sell this kind of personal data, and only two of them allow drivers to have their data deleted. While it is unclear exactly who these companies share or sell data to, the report points out that there is a huge market for driver data. An automotive data broker called High Mobility cited in the report has a partnership with nine of the car brands Mozilla studied. On its website, it advertises a wide range of data products—including precise location data.

This isn’t just a privacy nightmare but a security one. Volkswagen, Toyota, and Mercedes-Benz have all recently suffered data leaks or breaches that affected millions of customers. According to Mozilla, cars are the worst category of products for privacy that they have ever reviewed.

Apple has just released a security update to iOS after researchers at Citizen Lab discovered a zero-click vulnerability being used to deliver Pegasus spyware. Citizen Lab, which is part of the University of Toronto, is calling the newly discovered exploit chain Blastpass. Researchers say it is capable of compromising iPhones running the latest version of iOS (16.6) without the target even touching their device. According to researchers, Blastpass is delivered to a victim’s phone through an iMessage with an Apple Wallet attachment containing a malicious image.

The Pegasus spyware, developed by NSO Group, enables an attacker to read a target’s text messages, view their photos, and listen to calls. It has been used to track journalists, political dissidents, and human rights activists around the world.

Apple says customers should update their phones to the newly released iOS 16.6.1. The exploit can also attack certain models of iPads. You can see details of the affected models here. Citizen Lab urges at-risk users to enable Lockdown Mode.

North Korea-backed hackers are targeting cybersecurity researchers in a new campaign that is exploiting at least one zero-day vulnerability, Google’s Threat Analysis Group (TAG) warned in a report released Thursday. The group did not provide details about the vulnerability since it is currently unpatched. However, the company says it is part of a…

Source…