On Ma, 21 dec 21, 10:13:07, Jeremy Ardley wrote: > On 21/12/21 10:09 am, Jeremy Ardley wrote:s. > > There is a type of attack called cross-site scripting (XSS). It's mostly > > been eliminated by latest version browsers, but there are always > > zero-day vulnerabilities. > > > > The effect is that if you are vulnerable and have two tabs open, one to > > the legitimate site, and one to a bad guy site, the bad guy can alter > > your trusted site and for instance change a valid link into something > > malicious, or change a displayed phone number. > > > > More at https://owasp.org/www-community/attacks/xss/ > > > > You can mitigate XSS by having a single browser that is used solely to > access high value sites. e.g. if you routinely run Firefox, have a copy of > Vivaldi that you use to access your banks - one at a time. Hopefully Multi-Account Containers helps with this as well, point 4. in the "What you can do with Multi-Account Containers" seems to imply it. https://support.mozilla.org/en-US/kb/containers Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser
Attachment:
signature.asc
Description: PGP signature