Stopping the cross-site authentication attack
STRANGE PHISHING
A new form of phishing attack deposits an HTML tag on the vulnerable service to trap users into authenticating.
Phishing messages should be a familiar sight to most readers. They appear to come from your bank or eBay and ask you to enter your credentials on a spoofed login page. A phishing attack uses trickery to spy on user credentials. Another method, known as cross-site scripting (XSS, as CSS stands for Cascading Style Sheets), places active code on a vulnerable page. The unsuspecting user’s web browser runs the code and sends the user’s login data to the attacker.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia
News
-
LibreOffice 7 Now Available
The LibreOffice 7 office suite is now available with important compatibility improvements.
-
Microsoft Brings procmon to Linux
The creators of Windows have brought the sysinternals procmon tool to the open source operating system.
-
New KDE Slimbook Available
The makers of the KDE Slimbook have released a Ryzen-4000 powered laptop.
-
PinePhone Now Offers a Convergence Package
The makers of the Linux PinePhone are now offering a model that makes desktop/mobile convergence a reality.
-
Flutter is Coming to Linux
Google and Canonical have joined forces to bring Flutter to the Linux desktop.
-
Purism Launches a Mini PC
The makers of the Librem line of Linux-based laptops have released a mini PC.
-
openSUSE Leap 15.2 Adds AI Machine Learning
With the new release of openSUSE Leap comes some exciting new features, including machine learning.
-
Google’s Nearby Sharing Could Work with Linux
Google’s answer to Apple’s AirDrop feature is rumored to work with the Linux desktop.
-
System76 Launches Ryzen-Powered Laptop
The new System76 Serval WS includes a powerful AMD Ryzen CPU.
-
Linux Mint Drops Snap
Linux Mint has officially dropped their support for Canonical’s snap packages.