Mozilla patched a zero day uncovered at Pwn2Own in Firefox in 22 hours on Friday.
Tag Archives: Mozilla
Firefox 52 Expands Non-Secure HTTP Warnings, Enables SHA-1 Deprecation
The latest version of Firefox expands non-secure HTTP warnings, enables SHA-1 deprecation by default, and removes support for NPAPI.
Intermediate CA Caching Could Be Used to Fingerprint Firefox Users
The way Firefox caches intermediate CA certificates could allow for the fingerprinting of users and the leakage of browsing details, a researcher warns.
HTTPS Hits 50 Percent Traffic Milestone
This week HTTPS hit a huge milestone. According to a two-week survey of telemetry data from the Mozilla Firefox browser, 50 percent of page loads used HTTPS.
Mozilla Patches Firefox Zero Day Used to Unmask Tor Browser Users
Mozilla released a new version of Firefox on Wednesday to address a zero day vulnerability that was actively being exploited to de-anonymize Tor Browser users.
Mozilla Patches 29 Vulnerabilities, Prevents MIME Confusion Attacks, in Firefox 50
Mozilla addressed 29 vulnerabilities, three critical, when it released the latest iteration of its flagship browser, Firefox 50 on Tuesday.
Google to Distrust WoSign, StartCom Certs in 2017
Google announced Monday that it will distrust certificates issued by WoSign and StartCom when in it ships Chrome 56 in January 2017.
Mozilla Turning TLS 1.3 On By Default With Firefox 52
Martin Thomson, a Principle Engineer at Mozilla confirmed TLS 1.3 will be turned on by default in Firefox 52.
Mozilla Reduces Threat of Export-Grade Crypto to Firefox
The Firefox browser will now deny TLS connections to servers using weak Diffie-Hellman keys.
Mozilla Wants to Drop WoSign as Trusted CA
Mozilla has proposed banning new SHA-1 certificates from Chinese Certificate Authority WoSign for one year after it accused the CA of back-dating the deprecated certs.