Google is bringing Chrome in line with the likes of Safari and Firefox by introducing a security feature that will help to protect users against tab hijacking, according to TechRadar. A technique known as tab-nabbing is used in various attacks, including phishing campaigns that redirect victims to malicious sites, but it can be avoided if websites are coded in a particular way. With Chrome 88, Google is taking steps to offer protection against a particular variant of this threat – an exploit takes advantage of the fact that when a link is opened in a new tab using the attribute target=_blank, the new tabs retains access to the original page. If a website uses the rel=”noopener” attribute, this exploit is stopped in its tracks, but not all sites do this – especially older ones that are no longer being maintained. Google is finally going to start automatically using rel=”noopener” for any newly opened tab, just as already happens in Firefox and Safari. It’s not clear quite why it has taken Google so long to catch up with other browser; Mozilla and Apple introduced measures to counter tab-nabbing way back in 2018.
Experts Comments
Submit Your Expert Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Jake Moore, Cybersecurity Specialist, provides expert commentary at @Information Security Buzz.
"It is vital to keep your browser auto-updated, check all URLs...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/what-expert-says-on-chrome-adding-anti-hijacking-feature
Facebook Message
@Jake Moore, Cybersecurity Specialist, provides expert commentary at @Information Security Buzz.
"It is vital to keep your browser auto-updated, check all URLs...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/what-expert-says-on-chrome-adding-anti-hijacking-feature