Mozilla is continuing to build a secure web platform which is a crucial part of its mission to move the Web forward as a platform for openness, innovation and opportunity for all.
According to Mozilla Blog, today Mozilla Teams with BlackBerry for Browser Security. The BlackBerry Mozilla collaboration is know as fuzzing and Mozilla introduced Minion. Minion is an open source security testing platform for developers and security professionals.
BlackBerry and Mozilla both use fuzzers extensively. Mozilla used Peach Fuzzer to test against various HTML5 features: Image formats, audio/video formats, fonts, multimedia, API, ect. and also to secure Firefox and Firefox OS users. BlackBerry used large scale automated testing to identify security issues via third-party fuzzers.
Samsung pass Apple for the first time in global mobile web traffic. Samsung takes the number one spot for internet usage.
StatCounter a website analytic firm also reported that in the U.S. Google’s Chrome pass Microsoft’s Internet Explorer for the first time.
NBC.com was compromised, an iframe was modified which allowed content to load from another website. NBC joins the list of other websites to be attached recently: Apple, Facebook, Twitter, and Burger King. Facebook and Google blocked users from accessing NBC, Facebook did not allow users to post NBC links on its website.
Other NBC websites were attacked as well such as Late Night with Jimmy Fallon and Jay Leno’s Garage.
NBC identified and resolved the RedKit malware. Security experts warn visitors that the site may have infected their computer with the RedKit malware.
The RedKit malware was first publicly identified last May, it targets vulnerabilities in applications such as Java and Adobe Reader.
Firefox 19 launched today. The biggest change is the PDF reader. The PDF reader is built within the browser now you do not have to rely on Adobe Reader to view PDFs.
Other updates includes higher performance at start up and other bug fixes. For more Click Here
We reported the Microsoft Internet Explorer Flaw on Sept 17. MS released Security Update MS12-063 an emergency security to eliminated the IE zero-day bug that has attacked computers through vulnerability in IE 9. This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9.
MS Trustworthy Computing director Yunsun Wee released the following statement, “The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically. For those manually updating, we encourage you to apply this update as quickly as possible. For more on MS Security Update MS12-063 Click Here.
Microsoft Warns of Internet Security Flaws. The newly discovered IE bug makes PCs vulnerable to hackers attack and urge customers to download security software to mitigate the risk of infection. Hundred of millions of IE browser users are affected by the security flaw. Microsoft said that attackers can exploit the bug to infect a PC who visits a malicious website and take control of the victim’s computer.
MS advise customers to install the security software until the bug is fixed and a new version of IE is released. Enhanced Mitigation Experience Toolkit (EMET) is the free security tool that is available on MS website.
Click Here to read more about MS Security Advisory 2757760.
Click Here to download EMET