Security Secrets the Bad Guys Don’t Want You to Know
Page : 1 2 3 4 5 6 7 8 9 10 11 12 13ALL
trust.
JavaScript is very popular, and for good reason. It works in almost all browsers, and it makes the Web a lot more dynamic. But it also enables bad guys to trick your browser more easily into doing something that it shouldn’t. The deception could be something as simple as telling the browser to load an element from another Web page. Or it could involve something more complicated, like a cross-site scripting attack, which gives the attacker a way to impersonate the victim on a legitimate Web page.
JavaScipt attacks are everywhere. If you use Facebook, you may have seen one of the latest. Lately, scammers have set up illegitimate Facebook pages offering things like a free 0 gift card if you cut and paste some code into your browser’s address bar.
Chris Boyd, security researcher with Sunbelt SoftwareThat code is JavaScript–and you should never add