Tag: Mozilla
-
Forbes: Lazy Vulnerability Reporting & A Bit of Bias

It may have been almost two decades ago when I joked with colleagues that many Information Security news articles could just be done via Mad Libs. We later joked that breach notifications often appeared to be done via Mad Libs, using the same phrases with different organization names and the number of affected customers. Over the…
-
The Great (belated) Mozilla Firefox CVE Dump

[This was originally published on RiskBasedSecurity.com.] On June 11th, MITRE published descriptions and references for 318 entries, all relating to Mozilla Firefox. Yes; three hundred and eighteen entries. It may be tempting to think Mozilla was holding back on disclosures or there was a flurry of research activity leading to a slew of new vulnerabilities being discovered.…
-
Mozilla and Transparency

[Back in 2015, Mozilla promised transparency but was anything but regarding some products and vulnerabilities. I had contacted Slackware trying to determine if they were impacted and found out their hands were tied, due to Mozilla. I am posting my raw notes as-is, just so they are public and can be referenced.] https://blog.mozilla.org/security/2015/09/04/improving-security-for-bugzilla/ Openness, transparency, and…