This story was originally published on HackerNoon at: https://hackernoon.com/fullscreen-bitm-attack-discovered-by-squarex-exploits-browser-fullscreen-apis-to-steal-credentials.
A common BitM attack involves displaying the legitimate login page of an enterprise SaaS
Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity. You can also check exclusive content about #cybersecurity, #squarex, #press-release, #cybernewswire, #squarex-announcement, #cyber-security-awareness, #cybercrime, #good-company, and more.
This story was written by: @cybernewswire. Learn more about this writer by checking @cybernewswire's about page, and for more stories, please visit hackernoon.com.
A new attack on Safari uses a flaw in the Fullscreen API to create a fullscreen BitM window. Safari users are especially vulnerable to this attack as there is no clear visual indicator of users entering fullscreen. Existing security solutions fail to detect the attack and are proven to be obsolete when it comes to detecting any BitM attack.