HomeIT Strategy

Researchers Circumvent Defenses by Clickjacking at Top Websites

CIO Insight Staff
By CIO Insight Staff
Updated on:

Four researchers from Stanford and Carnegie Mellon outlined how frame busting, a protection meant to defeat clickjacking, can be circumvented on Twitter and other popular sites.

Clickjacking uses malicious iframes to take control of a web surfer’s clicks and hijack their web session. The term clickjacking was first used in 2008 by WhiteHat Security CTO Jeremiah Grossman and Robert “RSnake” Hansen, CEO of SecTheory. In order to combat the attack, websites instituted techniques known as frame busting, which prevent a site from running when it is loaded inside a frame.

According to researchers from Stanford University and Carnegie Mellon University, frame-busting isn’t as effective at preventing clickjacking as hoped. An analysis of the Top 500 websites ranked by Alexa found all of the frame busting implementations could be circumvented. Some of the circumventions were browser-specific, while others worked across all browsers, the researchers found.

READ MORE >>

Previous article
Dell Launches Slew of Printer Solutions
Next article
Two New Qualcomm Dual-CPU Snapdragons Begin Shipping
CIO Insight Staff
CIO Insight Staff
CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need network monitoring technology and solutions to maintain regulatory compliance for their teams and organizations.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles

Related Articles

CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need to maintain regulatory compliance for their teams and organizations. CIO Insight is an ideal website for IT decision makers, systems integrators and administrators, and IT managers to stay informed about emerging technologies, software developments and trends in the IT security and management industry.

Advertisers

Advertise with TechnologyAdvice on CIO Insight and our other IT-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2022 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.