Stopping the cross-site authentication attack
STRANGE PHISHING
A new form of phishing attack deposits an HTML tag on the vulnerable service to trap users into authenticating.
Phishing messages should be a familiar sight to most readers. They appear to come from your bank or eBay and ask you to enter your credentials on a spoofed login page. A phishing attack uses trickery to spy on user credentials. Another method, known as cross-site scripting (XSS, as CSS stands for Cascading Style Sheets), places active code on a vulnerable page. The unsuspecting user’s web browser runs the code and sends the user’s login data to the attacker.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia
News
-
KDE Developers Are Working on a TV Interface
The developers of the KDE desktop are hard at work to create a TV interface.
-
System76 is Developing a New Keyboard
The company behind the incredibly powerful Thelio desktop is developing a new keyboard.
-
Zorin OS 15.2 Now Available
The latest release of Zorin OS offers numerous improvements.
-
Firefox to Get an Additional Sandbox Layer
Starting with Firefox 74, the open source web browser will include the new RLBox security feature.
-
Microsoft Defender ATP is Coming to Linux
Microsoft is ramping up its efforts to fight attackers across all platforms.
-
South Korean Government Considers Move to Linux Desktop
Seoul Mulls Migrating from Windows to Linux.
-
OpenSSH Now Supports FIDO/U2F Security Keys
SSH users can now add FIDO/U2F to the list of supported multi-factor authentication tools.
-
System76 Launches New AMD Threadripper Machine
System76 has added an AMD Threadripper option for their Thelio desktop lineup.
-
LibreOffice 6.4 Released
The unofficial office suite for the Linux platform has performance in mind for users.
-
Official Evernote Client Coming to Linux
The most widely-used note-taking app is coming to Linux.