{"id":131850,"date":"2021-12-06T03:22:48","date_gmt":"2021-12-06T11:22:48","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2021\/12\/14-new-xs-leaks-cross-site-leaks-attacks-affect-all-modern-web-browsers"},"modified":"2021-12-06T03:22:48","modified_gmt":"2021-12-06T11:22:48","slug":"14-new-xs-leaks-cross-site-leaks-attacks-affect-all-modern-web-browsers","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2021\/12\/14-new-xs-leaks-cross-site-leaks-attacks-affect-all-modern-web-browsers","title":{"rendered":"14 New XS-Leaks (Cross-Site Leaks) Attacks Affect All Modern Web Browsers"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/14-new-xs-leaks-cross-site-leaks-attacks-affect-all-modern-web-browsers2.jpg\"><\/a><\/p>\n<p>Researchers have discovered 14 new types of cross-site data leakage attacks against a number of modern web browsers, including Tor Browser, Mozilla Firefox, Google Chrome, Microsoft Edge, Apple Safari, and Opera, among others.<\/p>\n<p>Collectively known as \u201cXS-Leaks,\u201d the browser bugs enable a malicious website to harvest personal data from its visitors as they interact with other websites in the background without the targets\u2019 knowledge. The <a href=\"https:\/\/xsinator.com\" rel=\"noopener\" target=\"_blank\">findings<\/a> are the result of a comprehensive study of cross-site attacks undertaken by a group of academics from Ruhr-Universit\u00e4t Bochum (RUB) and Niederrhein University.<\/p>\n<p>\u201cXS-Leaks bypass the so-called <a href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Security\/Same-origin_policy\" rel=\"noopener\" target=\"_blank\">same-origin policy<\/a>, one of a browser\u2019s main defences against various types of attacks,\u201d the researchers <a href=\"https:\/\/news.rub.de\/english\/press-releases\/2021-12-02-it-security-14-new-attacks-web-browsers-detected\" rel=\"noopener\" target=\"_blank\">said<\/a> in a statement. \u201cThe purpose of the same-origin policy is to prevent information from being stolen from a trusted website. In the case of XS-Leaks, attackers can nevertheless recognize individual, small details of a website. If these details are tied to personal data, those data can be leaked.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers have discovered 14 new types of cross-site data leakage attacks against a number of modern web browsers, including Tor Browser, Mozilla Firefox, Google Chrome, Microsoft Edge, Apple Safari, and Opera, among others. Collectively known as \u201cXS-Leaks,\u201d the browser bugs enable a malicious website to harvest personal data from its visitors as they interact with [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31],"tags":[],"class_list":["post-131850","post","type-post","status-publish","format-standard","hentry","category-policy"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/131850","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=131850"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/131850\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=131850"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=131850"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=131850"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}