ClickJacking is a relatively old vulnerability that has been around since 2002, however it has been recently brought back to life by Robert Hansen and Jeremiah Grossman who provided moreexploitation means and proof of conceptsthat made it the most discussed topic in the web application security industry. Theexploit works through hidden overlapping iframes generated with CSS or javascriptthat would trick the user into clicking onbuttons and links he wouldn't otherwiseclick. A particular vulnerability exists in Adobe's Flash Software, which allows themalicious attacker to use ClickJacking to gain access to the user's web-cam andmicrophone. This, as theorized by thetwo researchers can create a full-fledgedattack tool for corporate or governmentespionage. Beside the Fear UncertaintyDoubt used to push this new research,it has been taken seriously both fromAdobe that released a patch to solve theissue and from the browsers vendorsthat are still at the designing stage for thesolution but rushing to release it. At nowthe only protection left for end users, beforeanything official comes out from browsersvendors, is to use the latest version of Noscript addon for Firefox that ships withthe ClearClick feature.In the words of Noscript's authorwhenever you click or otherwise interact,through your mouse or your keyboard, withan embedded element which is partiallyobstructed, transparent or otherwisedisguised, NoScript prevents the interactionfrom completing and reveals you the realthing in "clear"
Artikel Terpopuler
-
2016-08-09 18:38:19.0 Guangzhou Int'l Parcel Center received 2016-08-09 18:38:25.0 Guangzhou Int'l Parcel Center customs scan 20...
-
Despite that at the end of this post you will find a filtered and somehow manually edited list of Pligg-based social bookmarking sites, this...
-
Disaat-saat tertentu untuk menghilangkan kejenuhan kadang kala entertain (kesenangan) harus kita upayakan, demikian pula ketika kita berkuta...
-
It seems the method for us to use is far simpler than my initial impressions - we need only add two small sections of code to our templates ...
-
Last month we showed you some of the more popular and useful Adobe AIR applications (see " 6 Adobe AIR Apps to Check Out &quo...
-
PicPick is an all-in-one software for software developers, graphic designers and home user. It has an intuitive interface and simple, elega...
-
Bio-Linux is an ideal system for scientists handling and analysing biological data. Bio-Linux 6.0 is a fully featured, powerful, config...
-
About the author henkhei is man in the mirror where you can find everywhere henkhei . he specializes in topics of interest to techno gee...
-
MAKNA FILOSOFI DARI LAGU GUNDUL-GUNDUL PACUL Ternyata lagu gundul-gundul pacul mempunyai filosofi yang cukup mendalam, Lagu Gundul Gundul...
-
A tablet PC is a wireless, portable personal computer with a touch screen interface. The tablet form factor is typically smaller than ...
