FreeIntelHub

General

20 articles

PortSwigger Research General Oracle Aug 7

Listen to the whispers: web timing attacks that actually work

Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them.

PortSwigger Research →

PortSwigger Research General Apple Jul 9

Fickle PDFs: exploiting browser rendering discrepancies

Imagine the CEO of a random company receives an email containing a PDF invoice file. In Safari and MacOS Preview, the total price displayed is £399.

PortSwigger Research →

PortSwigger Research General Jul 2

A hacking hat-trick: previewing three PortSwigger Research publications coming to DEF CON & Black Hat USA

We're delighted to announce three major research releases from PortSwigger Research will be published at both Black Hat USA and DEF CON 32.

PortSwigger Research →

Mozilla Security Blog General Jun 5

Firefox will upgrade more Mixed Content in Version 127

Most of the web already supports HTTPS: In fact, 93% of requests made by Firefox are already HTTPS. As a reminder, HTTP over TLS (HTTPS) fixes the security s...

Mozilla Security Blog →

PortSwigger Research General May 29

Refining your HTTP perspective, with bambdas

When you open a HTTP request or response, what do you instinctively look for? Suspicious parameter names?

PortSwigger Research →

PortSwigger Research General May 22

Introducing SignSaboteur: forge signed web tokens with ease

Signed web tokens are widely used for stateless authentication and authorization throughout the web.

PortSwigger Research →

Mozilla Security Blog General Apr 4

Rapidly Leveling up Firefox Security

At Mozilla, we believe in an open web that is safe to use. To that end, we improve and maintain the security of people using Firefox around the world.

Mozilla Security Blog →

PortSwigger Research General Mar 5

Using form hijacking to bypass CSP

In this post we'll show you how to bypass CSP by using an often overlooked technique that can enable password theft in a seemingly secure configuration. What...

PortSwigger Research →

PortSwigger Research General Oracle Jan 23

Hiding payloads in Java source code strings

In this post we'll show you how Java handles unicode escapes in source code strings in a way you might find surprising - and how you can abuse them to concea...

PortSwigger Research →

PortSwigger Research General Dec 12

Finding that one weird endpoint, with Bambdas

Security research involves a lot of failure.

PortSwigger Research →

Mozilla Security Blog General Dec 6

Mozilla VPN Security Audit 2023

To provide transparency into our ongoing efforts to protect your privacy and security on the Internet, we are releasing a security audit of Mozilla VPN that ...

Mozilla Security Blog →

PortSwigger Research General Dec 5

Blind CSS Exfiltration: exfiltrate unknown web pages

This is a gif of the exfiltration process (We've increased the speed so you're not waiting around for 1 minute). Read on to discover how this works.

T1041

PortSwigger Research →

PortSwigger Research General Oct 18

The single-packet attack: making remote race-conditions 'local'

The single-packet attack is a new technique for triggering web race conditions.

PortSwigger Research →

PortSwigger Research General Oct 3

How to build custom scanners for web security research automation

In this post, I'll share my approach to developing custom automation to aid research into under-appreciated attack classes and (hopefully) push the boundarie...

PortSwigger Research →

Mozilla Security Blog General Sep 13

Version 2.9 of the Mozilla Root Store Policy

Online security is constantly evolving, and thus we are excited to announce the publication of MRSP version 2.9, demonstrating that we are committed to keep ...

Mozilla Security Blog →

PortSwigger Research General Apple Aug 9

Smashing the state machine: the true potential of web race conditions

For too long, web race condition attacks have focused on a tiny handful of scenarios.

PortSwigger Research →

Mozilla Security Blog General May 11

Updated GPG key for signing Firefox Releases

The GPG key used to sign the Firefox release manifests is expiring soon, and so we’re going to be switching over to new key shortly. The new GPG fingerprint ...

Mozilla Security Blog →

Threatpost General Aug 25

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

Threatpost →

Threatpost General Aug 24

Twitter Whistleblower Complaint: The TL;DR Version

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national...

Threatpost →

Threatpost General Palo Alto Networks SAP Aug 23

Firewall Bug Under Active Attack Triggers CISA Warning

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.

Threatpost →

FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA