Finally a proactive measure from Adobe to try and remedy the horrible security flaws they have introduced to Firefox with their Flash Player. There have been some massive hacks recently due to Flash – – Hackers Exploiting Latest Adobe Flash Bug On Large Scale – Adobe Patches Latest Flash Zero Day Vulnerability – Adobe Promises […]
Tags: adobe, adobe flash, adobe flash player, adobe flash security, firefox, firefox-security, flash, flash exploit, flash exploits, flash player security, flash sandbox, flash security, flash vulnerabilities, hacking-firefox, hacking-flash
Posted in: Countermeasures, Security Software, Web Hacking | Add a CommentSeems like Pwn2Own is getting a reputation for uncovering some pretty nasty browser based vulnerabilities, once again this year Firefox, Safari and IE8 were all broken wide open. The latest development is Mozilla has beaten both Microsoft and Apple to the punch and released Firefox 3.6.3 patching the vulnerability. Again it was a critical vulnerability […]
Tags: aslr, data execution prevention, dep, firefox, firefox 3.6.3, firefox exploit, firefox patch, firefox-vulnerability, hacking ie8, hacking safari, hacking-contest, hacking-firefox, ie8 exploit, ie8 security, nils, peter vreugdenhil, pwn2own, safari vulnerability, safari-exploit, safari-security, tipping point, tippingpoint
Posted in: Exploits/Vulnerabilities, Web Hacking | Add a CommentThis is an interesting development, I noticed the pop-up on my Firefox yesterday. The reason however wasn’t security it was ‘instability’. It’s a fair move by Mozilla though as the add-on can cause security vulnerabilities in Firefox outside of their control. They can’t fix the software, so the best thing they can do to ensure […]
Tags: .NET, .net framework assistant, .net security, blocklist, firefox, firefox .net add-on, firefox add-on security, firefox blocklist, firefox plug-in blocklist, firefox-security, firefox-vulnerability, hacking-firefox, ie8 vulnerability, windows presentation foundation
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a CommentAh a bug in our beloved Firefox, after the latest 3.5 update (which sees some definite improvements). The last one I recall was the Clickjacking Vulnerability, which also effected Chrome. It seems like it’s not too serious of an issue and will only cause crashing, there’s no room for remote exploitation or code execution. So […]
Just remember that even though Firefox tends to be more secure than Internet Exploder – it’s not immune from vulnerabilities (although they do tend to get fixed much much faster). The latest one that’s cropped up in both Firefox and Chrome is a clickjacking vulnerability. This is basically where a link is replaced by an […]
Tags: chrome, chrome clickjacking, click jacking, firefox, firefox clickjacking, firefox exploit, firefox-vulnerability, google chrome, google chrome clickjacking, google chrome exploit, google chrome vulnerability, hacking google chrome, hacking-firefox
Posted in: Exploits/Vulnerabilities, Web Hacking | Add a CommentWell seen as though we were talking about breaking passwords, here’s a tool for Firefox to help you manage your more secure passwords. Better security without bursting your brain Password Hasher is a Firefox security extension for generating site-specific strong passwords from one (or a few) master key(s). What good security practice demands: Strong passwords […]
FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. Version 1.3 was pending the ExploitMe tools availability to the public. Changes for version 1.3 Category Information Gathering (Googling and Spidering) GSI Google Site indexer (GSI Creates Site Maps based on Google queries. Useful for both Penetration Testing and Search Engine […]
It seems a data leakage bug has struck Firefox recently and has been confirmed by Window Snyder the security bod at Mozilla. It’s basically a Chrome directory traversal bug (It seems a lot of the Firefox issues have had to do with chrome?). It’s rated as low risk, but it can give away the existence […]
As mentioned in the previous FireCAT 1.1 post, FireCAT 1.2 was released last month. If you aren’t aware, FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. Changes for FireCAT 1.2 Renamed subcategory “Social Engineering” to “Data mining” Bibirmer updated location (thanks to Zagrodzki Krzysztof from Telekomunikacja Polska) Enhanced History […]
FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. It can be used to turn your favorite browser (Firefox) into a powerful security framework. FireCAT comes from “Firefox Catalog of Auditing Toolbox” Changes for FireCAT 1.1 + Category Network Utililies – Added ffsniff to subcat “Sniffers” – Added CrossFTP to […]
