main

Attack Types & VectorsHacksSecurity

You’ve Been Clickjacked!

April 28, 2016 — by Ben Zilberman0

clickjacking_img-1.png

So you have the latest in DDoS and WAF protection. You’ve ensured your company is protected against SQL injections and cross-site scripting, but then an employee clicks on a pop-up to win a free iPad and your network has suddenly been infiltrated with malicious code. What happened?

In analyzing the 2015 cyber trends, we have found that cyber attackers can effectively defeat IP-based defense systems by launching application-level attacks that originate from real – but dynamic – IP addresses.  One of the most common variations of dynamic IP attacks is clickjacking.