I often recommend NoScript; a Firefox extension that helps protect you from drive-by downloads. Unfortunately, this week I’m warning you that it can also help attackers hijack Firefox. Watch today’s video to learn more about CrossFire.
(Episode Runtime: 2:56)
Direct YouTube Link: https://www.youtube.com/watch?v=aIAEqDcXZLY
EPISODE REFERENCES:
- CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities [PDF] – Buyukkayhan.com
- NoScript and other extensions open Firefox to attack – Ars Technica
- EXTRA: Congress’ anti-encryption bill is ridiculous – TechDirt
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply