An Interest In:
Web News this Week
- April 25, 2024
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
October 20, 2020 06:50 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/bDkPTFtnRyU/seven-mobile-browsers-vulnerable-to-address-bar-spoofing-attacks
Seven Mobile Browsers Vulnerable To Address Bar Spoofing Attacks
In a report published today by cyber-security firm Rapid7, the company said it worked with Pakistani security researcher Rafay Baloch to disclose ten new address bar spoofing vulnerabilities across seven mobile browser apps. From a report: Impacted browsers include big names like Apple Safari, Opera Touch, and Opera Mini, but also niche apps like Bolt, RITS, UC Browser, and Yandex Browser. The issues were discovered earlier this year and reported to browser makers in August. The big vendors patched the issues right away, while the smaller vendors didn't even bother replying to the researchers, leaving their browsers vulnerable to attacks. "Exploitation all comes down to 'JavaScript shenanigans'," said Rapid7's Research Director, Tod Beardsley. The Rapid7 exec says that by messing with the timing between when the page loads and when the browser gets a chance to refresh the address bar URL, a malicious site could force the browser to show the wrong address.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/bDkPTFtnRyU/seven-mobile-browsers-vulnerable-to-address-bar-spoofing-attacks
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot