{"id":5552,"date":"2018-09-19T02:06:25","date_gmt":"2018-09-19T06:06:25","guid":{"rendered":"http:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/?p=5552"},"modified":"2018-09-19T02:06:25","modified_gmt":"2018-09-19T06:06:25","slug":"beware-unpatched-safari-browser-hack-lets-attackers-spoof-urls","status":"publish","type":"post","link":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/2018\/09\/19\/beware-unpatched-safari-browser-hack-lets-attackers-spoof-urls\/","title":{"rendered":"Beware! Unpatched Safari Browser Hack Lets Attackers Spoof URLs"},"content":{"rendered":"

Beware! Unpatched Safari Browser Hack Lets Attackers Spoof URLs<\/p>\n

– Swati Khandelwal<\/p>\n

 <\/p>\n

The phishing attacks today are sophisticated and increasingly more difficult to spot, and this newly discovered vulnerability takes it to another level that can bypass basic indicators like URL and SSL, which are the first things a user checks to determine if a website is fake.<\/p>\n

 <\/p>\n

Vulnerability (CVE-2018-8383) is due to a race condition type issue caused by the web browser allowing JavaScript to update the page address in the URL bar while the page is loading. This vulnerability could essentially allow an attacker to load a legitimate page which would cause the page address to be displayed in the URL bar, and then quickly replace the code in the web page with a malicious one.<\/p>\n

 <\/p>\n

The URL below has a POC video for the vulnerability. Please do look.<\/p>\n

 <\/p>\n

Link:\u00a0https:\/\/thehackernews.com\/2018\/09\/browser-address-spoofing-vulnerability.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Beware! Unpatched Safari Browser Hack Lets Attackers Spoof URLs – Swati Khandelwal   The phishing attacks today are sophisticated and increasingly more difficult to spot, and this newly discovered vulnerability takes it to another level that can bypass basic indicators like URL and SSL, which are the first things a user checks to determine if […]<\/p>\n","protected":false},"author":20413,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[715219],"tags":[],"class_list":{"0":"post-5552","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-03-it-administrative-controls","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/posts\/5552","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/users\/20413"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/comments?post=5552"}],"version-history":[{"count":1,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/posts\/5552\/revisions"}],"predecessor-version":[{"id":5553,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/posts\/5552\/revisions\/5553"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/media?parent=5552"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/categories?post=5552"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/tags?post=5552"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}