At this year’s edition of the Extend Firefox contest, the Firefox team invites all talented developers to show up with new plugins ideas for the popular browser.
A group of specialists formed by people from Mozilla, Yahoo, StumbleUpon, Netvibes, del.ici.ous and Adaptive Path, will review the projects and decide who will be rewarded with:



-The Grand Prize for 3 people, each receiving the Ultimate Firefox Developer Kit which includes:

• Travel and accommodation to a Mozilla Developer Day of the winner's choice, anywhere in the world
• Development gear, including a brand new 15" Macbook Pro with VMware Fusion and ActiveState Komodo
• 1 Year Unlimited Access subscription to O'Reilly's Safari Library
• Firefox Ogio Messenger Bag stuffed with t-shirts, books, stickers, mugs, and more

-The Runner-Up Prize for 12 people that will receive Firefox Pack each, including:

• Firefox Ogio Messenger Bag stuffed with t-shirts, books, stickers, and more
• ActiveState Komodo, mug, and t-shirt
• A $200 Gift Certificate for O'Reilly Books

All qualifiers will receive a Limited Edition Extend Firefox T-Shirt.
The Extend Firefox contest will last until the end of the year.



Besides this developing contest, there is another one initiated by Firefox, and that is Operation Firefox.
It consists of recruiting 50 future agents that will have the honor to place huge Firefox stickers in places like the Everest Mountain or NYC Rush-Hour Bustle.
We will wait anxious to know the winners.

The version of the Gozi Trojan was discovered this Tuesday while Russian hackers started to spread malware-tainted PDF files used to hijack computers remotely and steal all financial-related data.
This way, the Adobe PDF Reader is transformed into a malware installer that loads the Trojan on the computers.

Don Jackson, a researcher for SecureWorks, warns Adobe Reader’s and Acrobat’s users to upgrade immediately to the newest version.
He also highlighted the fact that only 26% of the antiviruses are offering protection against this malware type.

Here are a few names under it can be detected: OrderGun, Germ, Orderjack, Pinch, Small.BS, Ursnif, Snifula and CWS.

The Gozi Trojan is based on Winsock2 functionality that permits it to snoop on traffic even when it is protected in Secure Socket Layer sessions.
More than that is using customized server/database code to collect the sensitive data.

Read more details about how it acts here.

According to a post on ITBackbones website, some Windows XP users are confronting with a new malware targeting Adobe versions that have not been upgraded yet.
If you receive in your inbox a PDF under a title like YOUR_BILL.pdf or INVOICE.pdf, do not access it.

This is what Andrew Clarke, Senior Vice President of Lumension Security, one of the leading security management companies, declared about the problem:

“It seems the race is on for Windows XP users to protect their PCs - both at home and in the office. Hackers are often looking to exploit holes in software once a fix has been made public by the software vendor and before the user has time to patch. And, it is often human curiosity that proves the Achilles heel of security matters. Computer users need to be suspicious of any Adobe documents named as a ‘bill’ or ‘invoice, until they have applied the latest patch.
As the receipt of bills and invoices over email becomes more commonplace, it is likely that some unsuspecting users will fall victim to this latest attack. To avoid infection, computer users need to download the latest version of Adobe 8.1.1 to secure their PCs.
Upgrading to the latest software can be done at the touch of a button for consumers, making it simple to protect against this attack. However, the inconvenience of not being able to use an application straight away makes some users click the ‘apply later’ option, leaving them exposed for longer. For businesses, applying the latest patch is not so simple - as software alterations must be tested against the individual infrastructure before it is applied. Applying a piece of code that conflicts with your current system could lead to a period of downtime for the user.”

On Monday, Adobe has release the update that fixes the vulnerability discovered in September by Petko D Petkov, which was affecting computers using Microsoft Windows XP and Internet Explorer 7.

The method was to make a user accept a malicious file in Adobe Acrobat or Adobe Reader, in order to allow the attacker to take remotely control of the machine.
Now users can upgrade to Adobe Reader 8.1.1 or Acrobat 8.1.1., until the company will release fixes for the previous affected versions.

Who needs to keep the older version, has to disable the “mailto” function in Acrobat, Acrobat 3D and Adobe Reader, from the Windows registry.

The latest version of Firefox, released on October 18, has fixed several security issues and has now support for Romanian and Georgian Languages. There is available for testing a beta version for Kurdish.

More, it also has now support for Leopard (Mac OS X 10.5) operating system.

The security flaws repaired are:

- URIs with invalid %-encoding mishandled by Windows;
- XPCNativeWrapper pollution using Script object;
- Possible file stealing through sftp protocol;
-XUL pages can hide the window titlebar;
- File input focus stealing vulnerability;
- Browser digest authentication request splitting;
- onUnload Tailgating;
-Crashes with evidence of memory corruption (rv:1.8.1.8).