New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Users Being Notified by Firefox When Saved Logins are Found in Breaches

Firefox has teamed up with the data breach site Have I Been Pwned to warn users when their saved logins are compromised in breaches. Firefox Lockwise password manager and Firefox Monitor service are independent products developed by Mozilla to improve security functions. They are now slowly being integrated into Firefox directly.  Firefox 70 is said to be the version which will include these new features. Saved login data will be scanned and checked to see if they are included on any breach lists from Have I Been Pwned. If found, Firefox will send them an alert urging them to change their password. Although it is still useful, users will only be alerted when passwords are included in the breaches or when the password was saved before the breach happened. An alert icon will appear in the Lockwise password manager next to the account profile tab. When users visit the subpanel, an alert appears that states, “Passwords were leaked or stolen” as part of a data breach. Other integrations include stats for breaches that the user’s information was included in. Even though the process is moving along smoothly, these features may not be ready in time for the Firefox 70 release.

Analyst Notes

If users are looking for an added layer of security and operate on Firefox, they should consider downloading the new version when it is available. This will give them the ability to know in real-time when their information has been exposed, rather than when it is too late.