Advertisement
Top
image credit: Adobe Stock

New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable

March 21, 2022

Via: The Hacker News
Category:

A novel phishing technique called browser-in-the-browser (BitB) attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks.

According to penetration tester and security researcher, who goes by the handle mrd0x_, the method takes advantage of third-party single sign-on (SSO) options embedded on websites such as “Sign in with Google” (or Facebook, Apple, or Microsoft).

Read More on The Hacker News

RELATED PUBLICATIONS

US water facility OT infrastructure is under attack again
Network specialist debuts free tool that promises to solve VPN and ZTNA connectivity issues for good
Passwords under seven characters can be easily cracked

Latest Publications

Chinese government website security is often worryingly bad, say Chinese researchers
Indonesia sneakily buys spyware, claims Amnesty International
97% of security leaders have increased SaaS security budgets
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!