open core »

Clickjacking - The new threat?

I've been away from the blog from sometime, thanks to some freelance projects and university projects, so this is almost old news.

Clickjacking is the new buzzword on the web. What is it? It's supposed to be a new vulnerability that mainly affects websites. It hasn't been completely disclosed since vendors (Microsoft, Mozilla, Adobe, etc.) have asked for some time before disclosure. Patching every website on the web is definitely an impossible mission, so, browsers will be patched in order to solve this possible threat.

You can check here and here for details about clickjacking from RSnake's blog, one of the two researchers that found this.

Update: Here's the proof of concept video of clickjacking and webcam hijacking in Adobe Flash.

Update 2: A nice post from gnucitizen about this.