PYMNTS-MonitorEdge-May-2024

Hackers Hit Mozilla Bug Tracker To Target Firefox Users

Mozilla, the company behind the Firefox Web browser, reported hackers gained access to its bug tracker Bugzilla and stole security-sensitive data.

In a company blog post disclosing the security breach, Mozilla said it believe the stolen information was used by the hackers to attack Firefox users.

Since the hack was discovered, Mozilla confirmed it has conducted an investigation and taken several steps to neutralize the immediate threat of the breach.

While the company did not provide details on exactly how the compromised information was used to target Firefox users, it said it was making improvements to its bug tracker in an effort to safeguard its products, developer community and users from the hackers.

[bctt tweet=”Mozilla’s bug tracker was hacked, and stolen security information could be used to “attack” Firefox users”]

Bugzilla is an open-source tool used for tracking “bugs” or flaws in Mozilla software. The information on Bugzilla is open to the public but access to security-sensitive information is restricted to certain privileged users.

The company plans to update Bugzilla’s security practices in order to prevent similar attacks happening again in the future.

“As an immediate first step, all users with access to security-sensitive information have been required to change their passwords and use two-factor authentication. We are reducing the number of users with privileged access and limiting what each privileged user can do,” the blog post stated. “In other words, we are making it harder for an attacker to break in, providing fewer opportunities to break in, and reducing the amount of information an attacker can get by breaking in.”

Mozilla also released a new version on Firefox, the world’s second-largest browser by users, on Aug. 27 to address all of the vulnerabilities the cybercriminals may have learned about through the hack, which could have been used to harm the Web browser’s users.

For more on the digital identity ecosystem, click here to take a look at PYMNTS’ Digital Identity Tracker (powered by Oberthur Technologies), which helps identify the issues and trends that arise around the digital identity ecosystem.

[vc_row full_width=”” parallax=”” parallax_image=””][vc_column width=”1/1″][/vc_column][/vc_row][vc_row full_width=”” parallax=”” parallax_image=””][vc_column width=”1/1″][vc_separator color=”grey” align=”align_center” style=”” border_width=”” el_width=””][vc_single_image image=”148412″ alignment=”center” style=”vc_box_shadow_3d” border_color=”grey” img_link_large=”” img_link_target=”_blank” css_animation=”left-to-right” img_size=”full” link=”http://www.pymnts.com/whats-hot-today/”][vc_column_text css_animation=””]

To check out what else is HOT in the world of payments, click here.

[/vc_column_text][vc_separator color=”grey” align=”align_center” style=”” border_width=”” el_width=””][/vc_column][/vc_row]

PYMNTS-MonitorEdge-May-2024