Recommended Posts

I'm reading this article from ZDnet called:
New browser attack lets hackers run bad code even after users leave a web page
https[:]//www[.]zdnet[.]com/article/new-browser-attack-lets-hackers-run-bad-code-even-after-users-leave-a-web-page/

It describes a neat MarioNet attack. (neat from an attacker point of view)

Quote

 

The attack routine consists of registering a service worker when the user lands on an attacker-controlled website and then abusing the Service Worker SyncManager interface to keep the service worker alive after the user navigates away.

The attack is silent and doesn't require any type of user interaction because browsers don't alert users or ask for permission before registering a service worker. Everything happens under the browser's hood as the user waits for the website to load, and users have no clue that websites have registered service workers as there's no visible indicator in any web browser.

 

So am I protected using my EMSIsoft?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.