Language Selection

English French German Italian Portuguese Spanish

How To Stop Firefox Clickjacking Exploit Attack

Filed under
Security

Really scary exploit attack in wild, which affects all browsers under any desktop operating systems including MS IE, Linux, Apple safari, Opera, Firefox and Adobe flash. Any website that uses CSS, flash and IFRAME (used to serve ads) can be used to attack on end users. Attacker is able to take control of the links that your browser visits. From the article:

In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you. It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch. With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening.

According to victims on several Web forums, the attack is coming from Adobe Flash-based advertising on legitimate sites — including Newsweek, Digg and MSNBC.com.

How do I stop Clickjacking under Firefox?




More in Tux Machines

Open Source Router Connects US, Australia

The ONOS Project and partners said Wednesday they have demonstrated the real-world practicality of using a router with open source software to connect networks in Australia and the US. The test validates the vision of SDN, open source for carriers, as well as ON.Lab's ONOS network operating system, according to one of its coordinators. "SDN is about disaggregation of closed, proprietary boxes and separating of forwarding planes, control planes and applications," says Guru Parulkar, executive director and board member of ON.Lab , which coordinates ONOS development. The communications test between Australia and the US achieved just that, he says. (See ON.Lab Aims to Make White Boxes Carrier-Grade , ON.Lab Intros Open Source SDN OS and SK Telecom Bets on SDN for Wireless.) Read more

Xubuntu Core 15.04 Officially Released, Not Related to Ubuntu Core

A new official Xubuntu flavor called "core" has been announced by developers. It's based on Ubuntu, and it integrates the Xfce desktop environment and nothing else. Read more

Ubuntu Developers Working to Use Systemd on Ubuntu Touch

The desktop flavor of Ubuntu has already moved to systemd from an upstart, but Ubuntu Touch is still using upstart. It's not clear when the mobile platform will move to the new init system, but Ubuntu developers are already working towards this goal. Read more

Nginx open source server gets TCP load-balancing

With the release of the Nginx 1.9.0 Web server, Nginx has taken TCP load-balancing capabilities from its commercial Nginx Plus product and fitted it to the company's open source technology. TCP load balancing improves failover consistency among worker processes, according to Nginx. The feature already has appeared in the commercial Nginx 5 and 6 products. Read more