Stopping the cross-site authentication attack

STRANGE PHISHING

Author(s):

A new form of phishing attack deposits an HTML tag on the vulnerable service to trap users into authenticating.

Phishing messages should be a familiar sight to most readers. They appear to come from your bank or eBay and ask you to enter your credentials on a spoofed login page. A phishing attack uses trickery to spy on user credentials. Another method, known as cross-site scripting (XSS, as CSS stands for Cascading Style Sheets), places active code on a vulnerable page. The unsuspecting user’s web browser runs the code and sends the user’s login data to the attacker.

Read full article as PDF:

XSA_Attack.pdf (150.84 kB)

Related content

comments powered by Disqus

Direct Download

Read full article as PDF:

XSA_Attack.pdf (150.84 kB)

News

njobs Europe
What:
Where:
Country:
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia