Discussion
Loading...

Post

  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
Jonathan Kamens 86 47
@jik@federate.social  ·  activity timestamp 2 months ago

This research by Marek Tóth presented at #DEFCON is good. The vulnerability he discusses is real.
However, exploiting it requires the attacker to compromise a website and add phantom workflows to it that the victim doesn't notice as suspicious. Not impossible, but also IMO not likely unless you visit shady websites frequently.
Personally, I do not think the likelihood is high enough to disrupt my existing workflows to protect against the attack.
#clickjacking #infosec
https://marektoth.com/blog/dom-based-extension-clickjacking/

  • Copy link
  • Flag this post
  • Block
Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.0-rc.3.1 no JS en
Automatic federation enabled
  • Explore
  • About
  • Members
  • Code of Conduct
Home
Login