Tech
News
More
relevant Tech News from around the world compiled for your convenience
Probably
the simplest phishing trick in the world
Many popular browsers are affected by a vulnerability that makes it
easy to spoof the content of websites, security firm Secunia warns.
Features built into browsers makes it possible for malicious websites
to change the content of pop-up windows created by trusted websites
such as online banks. Users would have no inkling that potentially hostile
content has been injected into a pop-up window. Exploits rely on misusing
browser functionality rather than taking advantage of a software bug.
Thomas Kristensen, Secunia’s chief technology officer, described
the problem as “perhaps the simplest phishing trick yet.”
Secunia
has confirmed the vulnerability on fully patched versions of Internet
Explorer 6.0 and Windows XP SP1 and SP2 (advisory here), Mozilla 1.7.3,
Mozilla Firefox 1.0, Netscape 7.2, Apple's Safari 1.2.4, Opera 7.54,
and KDE's Konqueror 3.2.2-6. Other versions of these browsers might
also be affected. Secunia has issued five advisories (summary here)
and an on-line test.
Secunia describes the vulnerabilities as "moderately critical".
It advises users not to browse untrusted sites while browsing trusted
sites.
By
John Leyden
Back
to Tech News
