#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Firefox Security | Breaking Cybersecurity News | The Hacker News

Firefox to Automatically Trust OS-Installed CA Certificates to Prevent TLS Errors

Firefox to Automatically Trust OS-Installed CA Certificates to Prevent TLS Errors

Jul 02, 2019
Mozilla has finally introduced a mechanism to let Firefox browser automatically fix certain TLS errors, often triggered when antivirus software installed on a system tries to intercept secure HTTPS connections. Most Antivirus software offers web security feature that intercepts encrypted HTTPS connections to monitor the content for malicious web pages before it reaches the web browser. To achieve this, security software replaces websites' TLS certificates with their own digital certificates issued by any trusted Certificate Authorities (CAs). Since Mozilla only trusts those CAs that are listed in its own root store, the antivirus products relying on other trusted CAs provided by the operating system (OS) are not allowed to intercept HTTPS connections on Firefox. In recent months, this limitation continually crashed HTTPS pages for many Firefox users showing them SEC_ERROR_UNKNOWN_ISSUER, MOZILLA_PKIX_ERROR_MITM_DETECTED or ERROR_SELF_SIGNED_CERT error codes when their an
Mozilla Firefox Launches Web Extensions API to Support Chrome and Opera Extensions

Mozilla Firefox Launches Web Extensions API to Support Chrome and Opera Extensions

Aug 24, 2015
Should we feel happy about it? Let's find out! What Firefox has been thinking of is, it is planning to bring in Google chrome's web browser extensions to support the features of Mozilla Firefox. The parent company of Firefox i. e. Mozilla Foundation has decided to update their add-on and extension infrastructure, making Firefox more capable and user-friendly . Ranked number three, Firefox browser is seemingly thriving to attain the first position. Google Chrome and Internet Explorer are the ones ahead of it, leading to desktops and mobile devices altogether. The move will help Firefox in various ways like: Integration of new technologies like Electrolysis and Servo Protection from Adware and Spyware Shortening the time it takes to review add-ons Functionalities brought by Mozilla According to Mozilla, functionalities that are being brought with the help of modifications in Firefox Add-ons are: Introducing a Powerful add-on WebExtensions API A
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat
Multiple Flaws Exposed in Pocket Add-on for Firefox

Multiple Flaws Exposed in Pocket Add-on for Firefox

Aug 21, 2015
With providing easy accessibility, the battle is not won! Server-side Vulnerabilities have been reported by a security researcher in the popular Pocket add-on that comes attached with the Firefox browser. The security flaws could have allowed hackers to exfiltrate data from the company's servers as well as populate reading lists with malicious links. The Pocket button in the Firefox browser allows you to save links, videos, web pages, or articles to your Pocket account with just a click, making it easier for you to read them later, usually offline. However, the vulnerabilities discovered by security researcher Clint Ruoho was such that it could allow hackers to get an unrestricted root access to the server hosting the application, the researcher wrote in his blog post . For this to be done, a hacker only needs: A browser The Pocket Mobile app Access to an Amazon EC2 Server which costs 2 cents an hour The researcher, with the goal of exploiting the service's main functionality
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Firefox Browser to Enable Controversial HTML5 DRM to Stop Piracy

Firefox Browser to Enable Controversial HTML5 DRM to Stop Piracy

May 16, 2014
The Music Industry, Movie Studios and other companies who create media contents are always concerned with people getting access to their content without paying for it. Last year, On Request of Big Tech companies such as Microsoft, Google and Netflix, The World Wide Web Consortium (W3C) defined a new API (Application Programming Interface) called ' Encrypted Media Extensions (EME) ' in HTML5 to aid web-based video services in restricting the rights of users who utilize their services. Now the companies won't need to rely on third-party plugins like Flash and Silverlight to deliver copy-protected movies and TV shows to your browser. Instead, now they have same capabilities of Digital rights management (DRM)  right into the fabrics of the web. All other major modern web browsers, including Internet Explorer, Chrome, and Safari are supporting  Encrypted Media Extensions (EME)  within the web browser since last year, except Mozilla Firefox . Even after criticizing the use o
Cybersecurity Resources