Tweets
- Tweets, current page.
- Tweets & replies
- Media
You blocked @attackndefense
Are you sure you want to view these Tweets? Viewing Tweets won't unblock @attackndefense
-
Pinned Tweet
Please report bugs. If you - or someone else - improves exploitability after initial report, the bounty will be increased. If you're second reporter, you will be pro-rated. I guess I can only speak for our bounty program but come on industry, you can do better.
#bugbountytipshttps://twitter.com/mcipekci/status/1385686425677541376 …Thanks. Twitter will use this to make your timeline better. UndoUndo -
If you want to learn more about how we do browser fuzzing at Mozilla - and our open source tools - check out https://blog.mozilla.org/attack-and-defense/2021/05/20/browser-fuzzing-at-mozilla/ … !
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Attack and Defense Retweeted
and there is another shorter one i co-wrotehttps://blog.mozilla.org/security/2021/05/18/introducing-site-isolation-in-firefox/ …
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Attack and Defense Retweeted
woooooooo i wrote (and illustrated) a blog post about Site Isolation in Firefox for Desktop and its finally published!
https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture/ …Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Attack and Defense Retweeted
Terrific overview of process isolating sites in Firefox by
@annygakh:https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture/ …Thanks. Twitter will use this to make your timeline better. UndoUndo -
We just published our Firefox Security Newsletter summarizing the work of Q1 2021! Check it out at https://groups.google.com/a/mozilla.org/g/dev-platform/c/7WcVNpOcHoQ …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Ever wondered how people find browser sandbox escapes? Wonder no more, because this blog post explains how to find, debug and invoke IPC messages. From JavaScript. Using
@FirefoxDevTools.https://blog.mozilla.org/attack-and-defense/2021/04/27/examining-javascript-inter-process-communication-in-firefox/ …Thanks. Twitter will use this to make your timeline better. UndoUndo -
Attack and Defense Retweeted
Exploit Development: Browser Exploitation on Windows - Understanding Use-After-Free Vulnerabilitieshttps://connormcgarr.github.io/browser1/
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Attack and Defense Retweeted
Brave — Stealing your cookies remotelyhttps://infosecwriteups.com/brave-stealing-your-cookies-remotely-1e09d1184675?source=rss----7b722bfd1b8d---4 …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Firefox 87 introduces SmartBlock for Private Browsinghttps://blog.mozilla.org/security/2021/03/23/introducing-smartblock/ …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Effectively, we're changing our default *Referrer Policy* to ‘strict-origin-when-cross-origin’. You can also tell Firefox to stop sending all referrers, if you don't mind the occasional website breakage. Instructions at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy#firefox_preferences …!
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Starting tomorrowish, your
@Firefox will trim all referrer information for cross-origin navigations: https://blog.mozilla.org/security/2021/03/22/firefox-87-trims-http-referrers-by-default-to-protect-user-privacy/ … (Unless you use@FirefoxNightly. Then you get all the good stuff 8 weeks in advance :)Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Did you know that about 73% of your HTTP requests could be silently upgraded to HTTPS? Check our Insights into HTTPS-Only mode blog post, a mode that makes these upgrades convenient without breaking page loads for insecure legacy content!https://blog.mozilla.org/attack-and-defense/2021/03/10/insights-into-https-only-mode/ …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Attack and Defense Retweeted
We finally published our highlights from Firefox Security in Q4 of 2020 https://wiki.mozilla.org/Firefox_Security_Newsletter/FSN-2020-Q4 … Huge kudos to all those developers and security engineers who are working so hard to keep Gecko the best implementation of the web platform ;)
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Blogged: Part 2 of nishimunea's tips on earning Bug Bounties in Fenix:https://blog.mozilla.org/attack-and-defense/2021/02/09/guest-blog-post-good-first-steps-to-find-security-bugs-in-fenix-part-2/ …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
IPC (Inter-Process Communication) provides a cornerstone in the Firefox multi-process Security Architecture. Here's how our message passing works and how you could fuzz it:https://blog.mozilla.org/attack-and-defense/2021/01/27/effectively-fuzzing-the-ipc-layer-in-firefox/ …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Attack and Defense Retweeted
The writeup for CVE-2020-16012 is out! This was such a fun bug, thanks a lot to
@attackndefense for helping me edit and publish the writeup. https://twitter.com/attackndefense/status/1348667332848181251 …pic.twitter.com/KqtkeqHHNOThanks. Twitter will use this to make your timeline better. UndoUndo -
Guest Blog Post by
@aleksejspopovs - Leaking silhouettes of cross-origin imageshttps://blog.mozilla.org/attack-and-defense/2021/01/11/leaking-silhouettes-of-cross-origin-images/ …Thanks. Twitter will use this to make your timeline better. UndoUndo -
New guest blog post by nishimunea giving tips on earning bug bounties in Fenix - https://blog.mozilla.org/attack-and-defense/2020/12/08/good-first-steps-in-fenix-part-1/ … - look for part 2 early next year!
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Introducing optional HTTPS-Only Mode
in Firefox 83!
Firefox will always try to use secure connections by default!
Firefox asks for your permission before connecting to a website that doesn’t support HTTPS.
See https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/ … for more!Thanks. Twitter will use this to make your timeline better. UndoUndo
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.