Pinging dayglored, ShadowAce, and ThunderSleeps for your lists.
Cross platform and browser vulnerability Ping!
If you want on or off the Mac Ping List, Freepmail me.
All it takes is a little Windex.
Pinging dayglored, ShadowAce, and ThunderSleeps for your lists.
If you want on or off the Mac Ping List, Freepmail me.
Academics? I have to believe that something's been lost in translation there.
Will caching be a path to exposure, and perhaps launching the browser in the background without user noticing?
Merde.
“Neither the original MarioNet attack or the subsequent botnet operations require attackers to exploit browser vulnerabilities, but merely abuse existing JavaScript execution capabilities and new HTML5 APIs.”
So much for HTML5 being safer than Flash.
As for Java Script it is better to block it on any site that you don’t trust. If can’t read the site without it then just leave the site. Nothing is more dangerous than JavaScript.
I’ve had this type of exploit happen since I upgraded my Debian 8 Linux machine to a more recent Firefox version. The upgrade made my No Script plugin not work and changed my Java Script package. Another issue is how Firefox manages the security package, I’ve helped it some with changes that I made to TLS methods. There are not graphic adjustments for it, they must be done via about:config
It takes a little time to understand and I’m still having browser crashes.
Also noticed something called [Web content] and it’s -child ‘s that make something like a denial of service attack.
I have no doubt some people are planning to monitor our content and block it actively. It is probably not just Firefox that is on the block.
Firefox has been the best common browsers as far as security is concerned. But they did take Soros money a couple of years ago. Need I say more?
This may be related too.
New Metasploit Payloads for Firefox Javascript Exploits
https://blog.rapid7.com/2014/01/23/firefox-privileged-payloads/
This doesn’t surprise me, for years if you had youtube open and playing in Safari on Mac and then closed a MacBook Air, the youtube video would keep playing.
The first time I reported this they made me document it like crazy, then it got fixed and now it’s happening again and it seems like it’s a common problem with either background SW still running after the lid is closed, or a corrupted SMC or NVRAM or PRAM.
https://www.guidingtech.com/47697/macbook-sleep-issues/
Not surprising that some hacker scum are taking advantage of this or something similar to run a process as described in your article.
We need Saudi punishments for hackers. Chop off their hands.
Regarding the table you referenced, I’m assuming Opera is also compromised as well? Opera shows up as chrome when I use it (and I use it primarily on the laptop I have running UBUNTU).
This is something released into the wild from some country’s cyber warfare toolbox. Wikileaks has many of the CIA toolbox’s from Snowden’s treasonous activities.
if necessary, messing with the other ten preferences might also be a good idea.
Thanks Swordmaker!
Have one of those Browsers!
(How was the cruise?)
Thanks Swordmaker
It can even happen here at the FR with no ads. Go hit the Marshmallow Beer thread and watch the processes and connections. Everyone needs to be careful from what source they link to on here. Those links complete a connection to spam API services in our browsers.
And clear your cookies/cache.
