It has been discovered by the cybersecurity expert MalwareHunterTeam. The lure is a supposed unusually activity on the victim’s account. The goal: steal PII and sensitive data.
Which are the worst Firefox vulnerabilities addressed by Mozilla in version 69
Mozilla has released security updates to address vulnerabilities in Firefox. It has been reported by the company. According to the cyber security experts, an attacker could exploit some of these to take control of an affected system. This thanks to critical problems than enable malicious code execution through command line parameters for Firefox browsers on Windows OS. The issue exists because “logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application,” according to Mozilla. Other high-severity flaws fixed include a use-after-free vulnerability that could result in a “potentially exploitable crash;” a same-origin policy violation that could allow data theft, and a flaw allowing file manipulation and privilege escalation in Mozilla Maintenance Service.
Firefox 69 has new features to increase users cyber security: from blocks for third-party cookies and cryptominers to disabled default support for Adobe Flash Player
According to Mozilla, Firefox 69 for Windows, Mac, Linux and Android by default will block third-party cookies, through a new default feature called Enhanced Tracking Protection (ETP), and cryptominers. Furthermore it will disable default support for Adobe Flash Player (as Google did with Chrome 76). Users, however, can enable it, but manually. The goal is to increase the cyber security of the users, regardless of which system the use. According to the company, ETP “works behind-the-scenes to keep a company from forming a profile of you based on their tracking of your browsing behavior across websites — often without your knowledge or consent. Those profiles and the information they contain may then be sold and used for purposes you never knew or intended. Enhanced Tracking Protection helps to mitigate this threat and puts you back in control of your online experience.”