So my favorite script kiddy and copycat, Feross (copied, note the shameless “I discovered” in his Quora post, LoL) Found a social engineering flaw in the HTML5 fullscreen mode that can be used for phishing attacks. This time it might be even his own finding… what do you know 😉 This »
Two weeks ago this guy managed to revive my 3 years old Webcam ClickJacking POC and also managed to revive some of the buzz surrounding it. The revived attack is exactly the same as my 2008 POC it even uses lots of my code. The different is that instead of »
*Update: *Youtube has revived my video. you can now watch Webcam Clickjacking as much as you like. — Remember ClickJacking? The generic flaw in web browsers and HTML. Remember Webcam Clickjacking? My PoC showing how this flaw can be used to take control over a victim webcam and mic. Well, my »
Update: Adobe has fixed this issue by framebusting the Settings Manager pages. Now, 99.9% of the users are protected from this specific exploit. Congrats on the fast response. —- Turn every browser into a surveillance zombie. The wet dream of every private eye and peeping tom. Imagine this scenario, »