Owasp5005 Part1 – New zero-day browser exploits

Most Commented

Loading....

Yahoo! again - XSS in Uncategorized (357 Visits)
Yahoo! again - bad settings? in Uncategorized (252 Visits)
Fanii nostri in Uncategorized (183 Visits)
Frustrant in Uncategorized (146 Visits)
La multi ani România, la multi ani românilor in Uncategorized (137 Visits)
Weblog.ro - Shell via Local File Inclusion in Uncategorized (119 Visits)
Yahoo! epic fail - permanent xss unleashed in Uncategorized (50 Visits)
... in Uncategorized (38 Visits)
XSS Ownage - hi5 vs. Yahoo! + video in Uncategorized (2 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in Uncategorized (2 Visits)
Hackersblog.org is now blog.rstcenter.com in (1800 Visits)
O mica dar importanta precizare in (1402 Visits)
Twitter in (846 Visits)
This is the end in (834 Visits)
Ce servicii de mail folositi? in (826 Visits)
Un nou membru in (771 Visits)
La multi ani România, la multi ani românilor in (762 Visits)
Inca o pierdere de timp in (709 Visits)
De reţinut in (670 Visits)
Azi este ziua userilor hackersblog.org in (644 Visits)
Hi5.com coders read this in (620 Visits)
SMS scam (1) in (610 Visits)
Dezinformare sau proasta informare? in (597 Visits)
Phishing Raiffeisen cu atasament html in (557 Visits)
Phishing Bancpost in (524 Visits)
Si tentativele de phishing pot fi amuzante in (456 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (2865 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in (2832 Visits)
Despre CSRF, hi5.com, cum sa trisezi la concursuri s.a.m.d. in (1206 Visits)
[Utilitare] Suna gratis de pe internet sau de pe iPhone in (1187 Visits)
Ce nu se invata la scoala - (D)DOS (5) in (1006 Visits)
Virusi in clipuri video [how to] in (967 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (763 Visits)
Yahoo! redirects - a big issue (with video) in (609 Visits)
Internet vs. privacy (1) in (503 Visits)
Ca musca in... in (461 Visits)
RedTube.com ... The Free Sex Video Community in (13509 Visits)
usa.kaspersky.com hacked ... full database acces , sql injection in (5410 Visits)
libertatea.ro vulnerabil la (blind) sql injection in (3079 Visits)
Telegraph.co.uk hacked, sql injection in (2699 Visits)
Pwning cam girls for fun in (2693 Visits)
Facebook hacked - sql injection in (2577 Visits)
Simpatie.ro, matrimoniale3x.ro, apetisant.ro, deliciu.ro , etc Sql injection in (2552 Visits)
F-Secure.com - SQL Injection + Cross Site Scripting in (1857 Visits)
[Hacked]Bitdefender (Portugal) exposes sensitive customer data in (1851 Visits)
Wtf Avira? in (1801 Visits)
Christopher "moot" Poole: The case for anonymity online in (1578 Visits)
Digital Photocopiers Loaded With Secrets in (1491 Visits)
Hacker Uses XSS and Google Street View Data to Determine Physical Location in (891 Visits)
Wannabe Hackers [1] - Cum sa hack-uiesti RapidShare-ul in (648 Visits)
Wannabe Hackers [2] - cum sa faci un virus by sppy_hacker in (631 Visits)
Hope 2603 – Kevin Mitnick - Life a Computer Hacker – Revealed in (487 Visits)
PRIVACY IS DEAD - GET OVER IT, Pt 01-34 (Recommended by Hackersblog ) in (419 Visits)
Oldies but goodies - Freedom Downtime - The Story of Kevin Mitnick in (415 Visits)
[Video] The History Of Hacking in (395 Visits)
Email Security - Why You Should Encrypt Your Email - Part One in (388 Visits)
Deface - tuttoaffari.lastampa.it si citymusiclab.city.corriere.it in (3545 Visits)
RNS vs. RAI - citizenreport.rai.it hacked. in (3359 Visits)
Hi5 email finder si sfarsitul a tot ceea ce inseamna privacy in social networking in (3280 Visits)
Se poate sparge parola de Yahoo? in (2734 Visits)
Planete-plus-intelligente.lemonde.fr defaced by R.N.S. in (2560 Visits)
Free SMS time, TrimiteSMS.ro in (2532 Visits)
Gmail uber hacking in (2471 Visits)
Cancan.ro spart pentru a doua oara intr-o zi in (2344 Visits)
Camera de supraveghere a universitatii Alexandru Ioan Cuza din Iasi in (2321 Visits)
Stiri cu antena3 in (2241 Visits)

Top Users

Archives

Loading....

B7ackAnge7z (2)
Dragos (1)

Owasp5005 Part1 – New zero-day browser exploits – ClickJacking

Posted by 2fingers in Videos

Posted on May 8th, 2009

NEW ZERO-DAY BROWSER EXPLOITS: CLICKJACKING YA, THIS IS BAD, with Jeremiah Grossman and Robert RSnake Hansen. Security researchers have revealed that a new class of vulnerabilities dubbed “clickjacking” can put users of every major browser at risk from attack. Although the clickjacking problem has been associated with browsers — users of Internet Explorer, Firefox, Safari, Opera, Google Chrome and others are all vulnerable to the attack — the problem is actually much deeper, said Robert Hansen, founder and chief executive of SecTheory LLC, he called clickjacking similar to cross-site request forgery, a known type of vulnerability and attack that sometimes goes by “CRSF” or “sidejacking.” But clickjacking is different enough that the current anti-CRSF security provisions built into browsers, sites and Web applications are worthless. — Recorded at the Open Web Application Security Project (www.OWASP.org) NYC Conference on Sep 25, 2008

Content produced by www.MediaArchives.com – Many other OWASP Conference videos available on www.OWASP.tv Get Involved Today! —

(YouTube title and description)

May 8, 2009 -- Owasp5005 Part2 – New zero-day browser exploits – ClickJacking
May 8, 2009 -- Owasp5005 Part3 – New zero-day browser exploits – ClickJacking
May 8, 2009 -- MySpace Hacker Presents to Web Security Conference Audience
May 8, 2009 -- OWASP Phishing demo
May 8, 2009 -- Webcam ClickJacking

Related Posts

Leave a Reply