[SecurityWeek] Mozilla Blocks Malicious Firefox Add-Ons Abusing Proxy API

The open-source Mozilla Foundation says it blocked a series of malicious Firefox add-ons that misused the proxy API that extensions use to proxy web requests.

The API allows add-ons to control the manner in which the browser connects to the Internet, and some extensions were found to abuse this.

read more

Source: Read More (SecurityWeek RSS Feed)

You might be interested in …

[HackerNews] Russian TrickBot Gang Hacker Extradited to U.S. Charged with Cybercrime

All posts, HackerNews

A Russian national, who was arrested in South Korea last month and extradited to the U.S. on October 20, appeared in a federal court in the state of Ohio on Thursday to face charges for his alleged role as a member of the infamous TrickBot group. Court documents showed that Vladimir Dunaev, 28, along with […]

Read More

[SANS ISC] Bumblebee Malware from TransferXL URLs, (Thu, May 19th)

All posts, Sans-ISC

Introduction Last month, Google’s Threat Analysis Group (TAG) reported on EXOTIC LILY using file transfer services like TransferNow, TransferXL, WeTransfer, or OneDrive to distribute malware (link).  Threat researchers like @k3dg3 occasionally report malware samples from this activity.  Based on @k3dg3’s recent tweet, I searched through VirusTotal and found a handful of active TransferXL URLs delivering […]

Read More

[SecurityWeek] Android’s March 2022 Security Updates Patch 39 Vulnerabilities

All posts, Security Week

Google this week announced the release of patches for 39 vulnerabilities as part of the March 2022 security update for Android. The most serious vulnerability is CVE-2021-39708, a remotely exploitable elevation of privilege issue identified in the System component. read more Source: Read More (SecurityWeek RSS Feed)

Read More