nV News Forums

 
 

nV News Forums (http://www.nvnews.net/vbulletin/index.php)
-   Networking And Security (http://www.nvnews.net/vbulletin/forumdisplay.php?f=58)
-   -   All browsers are vulnerable to clickjacking (http://www.nvnews.net/vbulletin/showthread.php?t=121512)

Heinz68 10-20-08 10:47 AM

All browsers are vulnerable to clickjacking
 
[quote]All browsers are vulnerable to clickjacking

Stuart Johnston By Stuart J. Johnston

The latest Internet threat cloaks Web links so a wayward click can download malware to your PC without your knowledge.

What's worse, all browsers and other Web software are susceptible to clickjacking, but you can take steps to reduce the risk.

Clickjacking allows an attacker to use one or more of several new attack scenarios to literally steal your mouse clicks. When you think you're clicking on a simple button for example, to see the next page of an article you may actually be giving the bad guys permission to do something entirely different, such as log on to your online checking account.

By taking advantage of any of a growing number of recently discovered vulnerabilities in Microsoft's Internet Explorer, Mozilla's Firefox, Apple's Safari, and all other Web browsers, criminals can hijack your system by intercepting clicks of what appear to be legitimate links.

The problem doesn't stop there, however. At least some of the flaws that make clickjacking possible also show up in such popular Web tools as Adobe's Flash player and Microsoft's Silverlight streaming-media plug-in.

"If they can control where your clicks are going, they may be able to get a user to reconfigure the system so they disable security," Ed Skoudis, a security instructor for the SANS Institute, told Windows Secrets. Skoudis is also co-founder of the security firm InGuardians.
Read more at [url="All browsers are vulnerable to clickjacking Stuart Johnston By Stuart J. Johnston The latest Internet threat cloaks Web links so a wayward click can download malware to your PC without your knowledge. What's worse, all browsers and other Web software are susceptible to clickjacking, but you can take steps to reduce the risk. Clickjacking allows an attacker to use one or more of several new attack scenarios to literally steal your mouse clicks. When you think you're clicking on a simple button for example, to see the next page of an article you may actually be giving the bad guys permission to do something entirely different, such as log on to your online checking account. By taking advantage of any of a growing number of recently discovered vulnerabilities in Microsoft's Internet Explorer, Mozilla's Firefox, Apple's Safari, and all other Web browsers, criminals can hijack your system by intercepting clicks of what appear to be legitimate links. The problem doesn't stop there, however. At least some of the flaws that make clickjacking possible also show up in such popular Web tools as Adobe's Flash player and Microsoft's Silverlight streaming-media plug-in. "If they can control where your clicks are going, they may be able to get a user to reconfigure the system so they disable security," Ed Skoudis, a security instructor for the SANS Institute, told Windows Secrets. Skoudis is also co-founder of the security firm InGuardians.[/QUOTE]
Read more at WindowsSecrets
http://windowssecrets.com/2008/10/16/03-All-browsers-are-vulnerable-to-clickjacking
NOTE: The WindowsSecrets page also has reviews for many best free software.

crainger 10-23-08 01:08 AM

Re: All browsers are vulnerable to clickjacking
 
Good thing Chrome is immune.


All times are GMT -5. The time now is 07:35 PM.

Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.