Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites.
The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo.
“Instead of relying on a single click, it takes advantage of a double-click sequence,” Yibelo said. Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites.
The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo.
“Instead of relying on a single click, it takes advantage of a double-click sequence,” Yibelo said.
- Like SEO, LLMs May Soon Fall Prey to Phishing Scams darkreadingJai Vijayan, Contributing Writer
- LevelBlue Acquires Trustwave, Forms World’s Largest Independent MSSP darkreadingJeffrey Schwartz
- Scope, Scale of Spurious North Korean IT Workers Emerges darkreadingBecky Bracken
- Ransomware Reshaped How Cyber Insurers Perform Security Assessments darkreadingArielle Waldman
- We’ve All Been Wrong: Phishing Training Doesn’t Work darkreadingNate Nelson, Contributing Writer
- The Beginner’s Guide to Using AI: 5 Easy Ways to Get Started (Without Accidentally Summoning Skynet)by Tech Jacks
- Tips and Tricks to Enhance Your Incident Response Proceduresby Tech Jacks
- Building a Security Roadmap for Your Company: Strategic Precision for Modern Enterprises by Tech Jacks
- The Power of Policy: How Creating Strong Standard Operating Procedures Expedites Security Initiativesby Tech Jacks
- Building a Future-Proof SOC: Strategies for CISOs and Infosec Leaders by Tech Jacks
- Security Gate Keeping – Annoying – Unhelpfulby Tech Jacks
- The Beginner’s Guide to Using AI: 5 Easy Ways to Get Started (Without Accidentally Summoning Skynet)
Leave A Reply