Microsoft security researchers have identified critical vulnerabilities in Facebook and Google Picase which led to account compromise and arbitrary code execution.The vulnerability in Facebook was ironically introduced by the company's anti-clickjacking protection deployed earlier this year in response to the ma... |
20 July 2011
13:35 GMT |
 |
|
Facebook scammers are combining old techniques in new campaigns spotted on the social networking website, including clickjacking and registering rogue app pages.After a period of paste-this-code-type scams and fake pages hosted on external servers, affiliate marketing spammers are back to their old tricks, security r... |
1 July 2011
05:16 GMT |
|
|
Spammers took advantage of people's interest into Lily Allen's wedding over the weekend and launched a clickjacking attack on Facebook using the singer as lure.According to security researchers from Sophos who spotted the attack, the spam messages spread by the scam's victims read: "Lily Allen shows he... |
13 June 2011
13:07 GMT |
|
|
A new viral likejacking scam currently making the rounds on Facebook is luring users with an alleged video of the world's funniest condom commercial. The messages posted by victims on their walls read: "The World Funniest Condom Commercial - LOL [link] haha its really so funny ~ Dont Miss it !"The spammed link l... |
31 May 2011
08:33 GMT |
|
|
Security researchers warn of a new clickjacking scam that spreads on Facebook by luring users with a video showing a baby being born.The spam messages posted by victims of this attack read: "Baby Born Amazing Effect - WebCamera" and contains a link that takes users to a page hosted at blogspot.com.The page displays a... |
28 May 2011
06:58 GMT |
|
|
Security researchers warn of a new Facebook scam that uses a Twilight Breaking Dawn game as lure to trick users into spamming their friends and participate in surveys.The scam combines clickjacking with rogue apps, so it comes with two propagation mechanisms. The produced spam encourages users to go play a new game b... |
11 April 2011
04:53 GMT |
|
|
Facebook has implemented a mechanism to block so-called likejacking attacks by requesting confirmation for suspicious Like actions.Likejacking is a term referring for attacks that employ clickjacking techniques to trick Facebook users into liking rogue pages.Clickjacking, or user interface redressing as it's kno... |
30 March 2011
09:56 GMT |
|
|
A new likejacking scam is currently spreading on Facebook by using a sexy teacher video as lure to trick people into taking part in surveys.Users affected by this scam will end up posting wall messages that read: "[URL] When our new teacher terns towards a blackboard students are go haywire. VIDEO: New Teacher from b... |
21 March 2011
06:58 GMT |
|
|
Security researchers from Sophos warn of multiple Facebook clickjacking scams that force users to Like rogue pages by using fake Japanese tsunami videos as lure.After a devastating tsunami resulting from a 8.9-magnitude earthquake hit Japan last week, security experts knew that it was only a matter of time until scam... |
14 March 2011
00:39 GMT |
|
|
A new likejacking attack is rapidly spreading on Facebook by tricking users with an allegedly shocking video of Emma Watson.The 20-year-old British actress, best known for her portrayal of Hermione Granger in the Harry Potter movies, has a very strong fan base, particularly among minors.This makes her a very good tar... |
1 March 2011
11:33 GMT |
|
|
Security researchers from Sophos warn of localized scams on Facebook which trick people into liking spam pages by employing clickjacking techniques.Clickjacking, also known as user interface (UI) redressing, is a type of attack where programming methods are used to make an element invisible and super-impose it over a... |
22 February 2011
12:57 GMT |
|
|
The newly released 2.3 version of the Android mobile operating system contains a security enhancement aimed at protecting users against UI redressing attacks.Commonly referred to as clickjacking, these attacks use various techniques to hide user interface elements and superimpose them onto others with the purpose of ... |
7 December 2010
13:04 GMT |
|
|
A new scam employing clickjacking techniques is spreading on Facebook and lures people to surveys with an intriguing video about girl secrets.The victims are forced to Like and Share a rogue page with an associated message that reads: "5 things girls do before she meets her boyfriend !! <link>"The link take... |
29 October 2010
13:36 GMT |
|
|
New scams have hit Facebook over the weekend and are using McDonalds and texting lures to trick users into visiting clickjacking-enabled pages.One of the attacks starts with a message reading "OMG... Look What This 6 YEAR OLD found in Her HAPPY MEAL from McDonalds! on CLICK HERE TO SEE."The included link takes users ... |
25 October 2010
07:58 GMT |
|
|
A new Facebook scam is reusing an older theme about a girl who killed herself, but also employs a clickjacking trick that forces users to propagate it.Victims of this scam will end up unwillingly promoting a link to a page called "Girl killed herself, after her dad posted This to her Wall."When opened, this page disp... |
24 September 2010
06:40 GMT |
|
|
Security researchers warn of a new Facebook scam trying to use a shocking element to lure people. However, what is particularly interesting about this one is that it employs a clickjacking trick.This latest scam uses a rather grim theme, which is probably why the number of affected people is not yet into the hundreds... |
5 August 2010
04:08 GMT |
|
|
A security researcher has discovered a vulnerability which can be used to force Facebook users into liking arbitrary pages. The type of attack is known as clickjacking and does not require any form of user confirmation.The Facebook “Like” button allows users to share content they find interesting on the W... |
14 July 2010
05:52 GMT |
|
|
The clickjacking attacks that plagued Facebook this past weekend have made a comeback. Security experts warn that the new spam messages touch on popular subjects such as the World Cup, the BP leak, the new Shrek movie and the UFC games or celebrities like Justin Biebers or Hayley Williams.
Celebrity gossip has alway... |
3 June 2010
11:33 GMT |
|
|
A clickjacking worm that forced hundreds of thousands of unsuspecting Facebook users to unknowingly post spam messages on their profiles, rapidly spread through the social networking website over the weekend. The worm used catchy news headlines to lure its victims into the trap.Clickjacking is a Web attack technique ... |
31 May 2010
11:14 GMT |
|
|
Adobe has just released the 10.0.22.87 version of its Flash Player application. It includes fixes for serious vulnerabilities and is classified as critical. Users are urged to deploy the update, as attacks might follow. One of the most serious flaws addressed in the new version has been reported by security and vuln... |
25 February 2009
04:50 GMT |
|
|
Adobe has released Flash Player 10, an update which fixes several security problems including clipboard poisoning and the UI redressing attack that hijacks computer webcams and microphones. Other security improvements include prevention of cross-domain privilege escalation attacks, port-scanning and unauthorized down... |
17 October 2008
05:31 GMT |
|
|
Adobe has released an advisory that describes the Flash Player vulnerability, which previously prompted security researchers Jeremiah Grossman and Robert Hansen to halt the disclosure of technical details regarding clickjacking attacks. According to the advisory, by using clickjacking techniques, an attacker can gain... |
8 October 2008
11:03 GMT |
|
|
Researchers Jeremiah Grossman, founder of WhiteHat Security, and Robert “RSnake” Hansen, founder of SecTheory, announced that they would fully disclose their research and PoC exploits at the Hack In The Box (HITB) conference in Kuala Lumpur, 27-30 October. The researchers previously canceled the presentat... |
30 September 2008
06:22 GMT |
|
|
Security researchers Jeremiah Grossman and Robert “RSnake” Hansen have been working on developing several proof of concept exploits based on clickjacking techniques that affect websites on all browser platforms. They intended to present them at the OWASP AppSec Conference in New York later this month; how... |
17 September 2008
10:40 GMT |
|
|
Find us on Google+
