Clickjacking 2.0 with drag & drop
At the Black Hat Europe hacker conference that has just concluded in Barcelona, British IT security expert Paul Stone demonstrated a new generation of clickjacking attacks. Clickjacking involves a crafted web site inserting a transparent iFrame underneath the cursor. Believing themselves to be clicking on the displayed web page, users in fact find themselves clicking on control elements (e.g. buttons) on a transparent iFrame from another website.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump