08 July 2011

Clickjacking Update

A new white paper from Carnegie Mellon University describes alternative clickjacking attacks that do not reply on the use of iframes.

Photograph of signage at Tate Modern in London with the words 'Interactive Zone' written on the glass windows overlooking the turbine hall

Lin-Shung Huang and Collin Jackson announced the overview white paper Clickjacking Attacks Unresolved describing their research topic, references to related research and example demonstrations. The paper outlines how using the X-Frame-Options header and anti-framing code are recommended but are not a complete solution. The authors are continuing with their research, which will include advice on countermeasures.

So, one to watch.

Posted on: 08 July 2011 at 08:12 hrs

Comments Comments (0) | Permalink | Send Send | Post to Twitter


Comments are filtered automatically and should appear shortly after they been checked.

Post a comment
Confirm acceptance and understanding of the terms of use
New posts to this thread will be sent to your email address
Clickjacking Update
ISO/IEC 18004:2006 QR code for https://clerkendweller.uk

Page https://www.clerkendweller.uk/2011/7/8/Clickjacking-Update
Requested by on Tuesday, 1 December 2015 at 09:11 hrs (London date/time)

Please read our terms of use and obtain professional advice before undertaking any actions based on the opinions, suggestions and generic guidance presented here. Your organisation's situation will be unique and all practices and controls need to be assessed with consideration of your own business context.

Terms of use https://www.clerkendweller.uk/page/terms
Privacy statement https://www.clerkendweller.uk/page/privacy
© 2011-2015 clerkendweller.uk