Sound Hijacking: Abusing Missing XFO

8 March 2019

A clickjacking attack works by loading a malicious website inside a low-opacity iframe and overlaying it with an innocuous looking button, checkbox, or link. This tricks the user into interacting with the vulnerable website beneath.

Read full news article on Dzone

Date:

8 March 2019

Categorie(s):

NEWS

Tag(s):

Attack Vector, Browsers, Chrome, Google, Google Docs, Hijacking, Internet, Sounds

Preparation: The Less Shiny Side of Incident Response – Joe Gross – ESW #3603 May 2024
Critical GitLab account takeover flaw added to CISA’s KEV Catalog2 May 2024
Microsoft, Google do a victory lap around passkeys2 May 2024
Understanding Scattered Spider, and how they perform cloud-centric identity attacks2 May 2024
Dropbox Sign customer data accessed in breach2 May 2024