[Owasp-denver] Back from OWASP NYC!

dave-san dave at subverted.org
Wed Oct 1 14:13:28 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Campbell wrote:
> Folks,
> 
> I've just returned from New York and have lots of interesting info to
> share from the Appsec '08 conference.
> 
> As you may have heard, Jeremiah and RSnake's presentation on
> Clickjacking was squelched at the request of Adobe.  However, what I can
> tell you is that the flaw they uncovered is a browser design flaw, so
> don't expect any patches soon.  If you're concerned, try the NoScript
> firefox plugin (noscript.net), which appears to mitigate the
> Clickjacking attack.
> 

I remembered a post about clickjacking on a recent DailyDave post. Apologies to those of you who already have this information.

http://lists.immunitysec.com/pipermail/dailydave/2008-September/005356.html

I suggest reading through it and through the references cited in Zalewski's post.

- -dg



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFI473IQykzwGjPFpsRAhvJAJ9Nupn/H5wSnBoZHoylfq/WzpuLrQCeKowR
cwFAspfg/d/DY7N41N817Q0=
=X5mF
-----END PGP SIGNATURE-----


More information about the OWASP-DENVER mailing list