Description: The same-origin policy is something most technical people think they understand, but it’s full of caveats and pitfalls. This talk will explore some of these misunderstandings with practical examples of attacks that happen somewhere between the browser tabs. We’ll look at new scenarios where it's possible to bypass some of the most common content-isolation mechanisms usually recommended (even by top-notch people and organizations) to protect against CSRF, clickjacking, and NTLM attacks. The gist is that completely mitigating these things can be very difficult to get right.
For more information, please visit: http://www.blackhat.com/eu-13/briefings.html
Tags: securitytube, hacking, hackers, information security, convention, computer security, blackhat-eu-2013