The Bikini Is No Longer Safe
2009-11-23 19:01:17 by RSnake in ha.ckers.org web application security lab
 

Jeremiah Grossman sent this over this afternoon. No, do not click that scandalous picture of that bikini-clad girl… it’s just another example of Clickjacking in the wild. Facebook has been hit by a clickjacking worm found by Gadi Evron. It’s called, funnily enough, the bikini worm. Just another great example of how defense just keeps getting harder for the good guys. If you aren’t vulnerable to CSRF, you’re vulnerable to XSS. If you aren’t vulnerable to XSS, you’re vulnerable to clickjacking…

It’s just another great example of a combination of attacks, including my favorite - social engineering. The funniest part of this article is where Gadi admitted to finding the worm by way of clicking on it. Oh, Gadi… hahah!

It’s official. The bikini is no longer safe. Move along.