Language Selection

English French German Italian Portuguese Spanish

How To Stop Firefox Clickjacking Exploit Attack

Filed under
Security

Really scary exploit attack in wild, which affects all browsers under any desktop operating systems including MS IE, Linux, Apple safari, Opera, Firefox and Adobe flash. Any website that uses CSS, flash and IFRAME (used to serve ads) can be used to attack on end users. Attacker is able to take control of the links that your browser visits. From the article:

In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you. It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch. With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening.

According to victims on several Web forums, the attack is coming from Adobe Flash-based advertising on legitimate sites — including Newsweek, Digg and MSNBC.com.

How do I stop Clickjacking under Firefox?




More in Tux Machines

The First Vivid-Based Ubuntu Touch Image Has Been Released

As I have previously announced, the Ubuntu Touch development branch is based on Ubuntu 15.04 Vivid Vervet, while the Ubuntu RTM branch is still using Ubuntu 14.10 Utopic Unicorn as code base, because it has already received stability improvements and will by default on the first Ubuntu powered Meizu phone. Currently, all the new features are implemented on the Ubuntu-Devel branch, the RTM one receiving only fixes. Read more

Security-Minded Qubes OS Will Satisfy Your Yen for Xen

It has advanced far beyond the primitive proof of concept demonstrated more than four years ago. Release 2 (beta), which arrived in late September, is a powerful desktop OS. Qubes succeeds in seamless integrating security by isolation into the user experience. However, comparing Qubes to a typical Linux distro is akin to comparing the Linux OS to Unix. Read more

Sad News! ;-)

So, XP is dead, “7” is dying, “8” is a zombie, and “10” is vapourware with nowhere to call home. M$ continues layoffs. POOF! It all falls down. In the meantime Google and the OEMs will crank out many millions of ChromeBooks. Canonical, Linpus, RedHat, Suse… and the OEMs will crank out many millions of GNU/Linux PCs. Several OEMs will crank out many millions of GNU/Linux thin clients. Android/Linux will reverberate with another billion or so units of small cheap computers(tablets, smartphones). This looks like good news to me. Read more

Android creator Andy Rubin is leaving Google

The move is, perhaps, not a total surprise. Last March, Rubin left the Android group and was replaced by Sundar Pichai. His latest project, as detailed in a lengthy New York Times report in December, was creating robots for a project outside of the company's Google X lab, something that dovetailed with Google's shopping spree of robotics companies. In 2012, there were also rumors abound that Rubin planned to leave for a stealth-mode startup called CloudCar, though they were vehemently denied. Read more