This paper proposes a browser spoofing attack which can break the weakest link from the server to user, i.e., man-computerinterface, and hence defeat the whole security system of ...
Cross-site scripting (or XSS) has been the most dominant class of web vulnerabilities in 2007. The main underlying reason for XSS vulnerabilities is that web markup and client-sid...
Cross-origin CSS attacks use style sheet import to steal confidential information from a victim website, hijacking a user's existing authenticated session; existing XSS defen...
Lin-Shung Huang, Zack Weinberg, Chris Evans, Colli...
In spite of the use of standard web security measures (SSL/TLS), users enter sensitive information such as passwords into scam web sites. Such scam sites cause substantial damages...
Identity theft through phishing attacks has become a major concern for Internet users. Typically, phishing attacks aim at luring the user to a faked web site to disclose personal ...
Sebastian Gajek, Ahmad-Reza Sadeghi, Christian St&...