An Interest In:
Web News this Week
- April 3, 2024
- April 2, 2024
- April 1, 2024
- March 31, 2024
- March 30, 2024
- March 29, 2024
- March 28, 2024
September 11, 2021 05:34 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/IBM-_ziyxU4/security-weaknesses-in-mozilla-vpn-found-and-addressed-by-audit
Security Weaknesses in Mozilla VPN Found and Addressed by Audit
"Recently, browsing leader Mozilla shared the result of an independent security audit on its VPN service," reports Fossbytes. "Upon inspection, a few vulnerabilities were discovered in the VPN, one of which was reportedly a major risk."In a blog post, Mozilla shared that Cure53, a Berlin-based cybersecurity firm, had identified and fixed the security vulnerabilities in its VPN... The most severe issue, labeled "FVP-02-014," made the user vulnerable to cross-site WebSocket hijacking. Moreover, the medium-risk vulnerabilities revolved around "VPN leak via captive portal detection" and "Auth code leak" by injecting the port. However, these sophisticated terms shouldn't worry you anymore as Cure53 has already addressed these weaknesses. There has also been no mention of any Mozilla VPN users falling victim to these either. The Firefox developer's public post that outlines the security flaws detected by the German firm provides users an insight into the potential risks of using a VPN. Moreover, these audits also help Mozilla iron out any issues that its one-year-old VPN service might have.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/IBM-_ziyxU4/security-weaknesses-in-mozilla-vpn-found-and-addressed-by-audit
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot