Fixing a Security Bug by Changing a Function Signature
Or: The C Language Itself is a Security Risk, Exhibit #958,738 This post is aimed at people who are developers but who do not know C or low-level details … Read more
Or: The C Language Itself is a Security Risk, Exhibit #958,738 This post is aimed at people who are developers but who do not know C or low-level details … Read more
Firefox uses Inter-Process Communication (IPC) to implement privilege separation, which makes it an important cornerstone in our security architecture. A previous blog post focused on fuzzing the C++ side … Read more
This blog post is one of several guest blog posts, where we invite participants of our bug bounty program to write about bugs they’ve reported to us. Continuing with … Read more
This blog post is one of several guest blog posts, where we invite participants of our bug bounty program to write about bugs they’ve reported to us. This is a … Read more
This blog post is one of several guest blog posts, where we invite participants of our bug bounty program to write about bugs they’ve reported to us. Fenix is a … Read more
This blog post is one of several guest blog posts, where we invite participants of our bug bounty program to write about bugs they’ve reported to us. Background In … Read more
This blog post is the first of several guest blog posts we’ll be publishing, where we invite participants of our bug bounty program to write about bugs they’ve reported … Read more
In November of 2019 we added static analysis bounties for CodeQL queries and Clang plugins. Github has a great CodeQL portal with detailed instructions for creating a database that will … Read more
Welcome to Mozilla’s new Attack & Defense blog. We’re going to use this blog as a vehicle for tailored content specifically for engineers, security researchers, and Firefox bug bounty participants. … Read more
This post first appeared on the Mozilla Security Blog I recently gave a talk at OWASP Global AppSec in Amsterdam and summarized the presentation in a blog post about how … Read more
This post first appeared on the Mozilla Security Blog. At Github Universe, Github announced the GitHub Security Lab, an initiative to help secure open source software alongside the community and … Read more