We are excited to get this much attention with our CTF. Unfortunately, this means that we will have to close down registration soon. Registration will be closed on Friday or as soon as we hit the limit of 150 teams … Continue reading
Posts in “Uncategorized”
This is an update on the prior Mozilla CTF announcement: The registration starts now! As mentioned earlier, the CTF is on January 25th and will go for 24 hours. Everybody is invited, also see FAQ Teams registered via E-Mail … Continue reading
Several members of the Mozilla Security team will participate in an AMA on reddit this morning. You can find it here!
Announcing the Mozilla CTF hacking competition Per the announcement during Frederik Braun’s presentation today, Mozilla will host a CTF event in January, 2012. The Mozilla CTF will take place on January 25, 2012 (24 hours, PST). (Yes, this … Continue reading
On Wednesday 14th December, Mark Goodwin from Mozilla’s Infrastructure Security team will be presenting a guest lecture on web and application security at Sheffield Hallam University. The talk explores how a system is viewed by an attacker and how adopting … Continue reading
We’re committed to security at Mozilla and take every opportunity throughout the development lifecycle to integrate security controls, guidance and verification. One of the items that we’ve found successful thus far is the secure coding guidelines document for web applications. … Continue reading
On Thursday, Aug 25, Mozilla will be hosting the OWASP Bay Area chapter meeting. This free event will bring together nearly 100 security experts in the bay area to discuss current security topics and defenses. Although the registration is now … Continue reading
Zack Weinberg did a great blog post explaining the recent changes in Firefox 3.5.11 and 3.6.7 to mitigate cross-site data theft using CSS. This is a mitigation for an issue originally “rediscovered” by Chris Evans.
Issue There has been discussion today about a Firefox feature that warns users when a site’s URL is deceptive. When a Firefox user visits a site with a url that might be deceptive (e.g. http://email@example.com/) , Firefox will stop the … Continue reading
Mozilla launched its security bounty program in 2004 and while the original mission of protecting users by supporting security research has not changed, the security environment has changed tremendously. In recognition of these changes we are updating our security bounty … Continue reading