Networking Forums


NEWS: Researchers warn over web worms

 
 
John Navas
Guest
Posts: n/a

 
      08-06-2006, 04:56 PM
<http://www.securityfocus.com/news/11405>

Exploiting a lack of security checks in browsers and Web servers, Web
worms and viruses are likely to become a major threat to surfers,
security researchers speaking at the Black Hat Briefings warned on
Thursday.

In separate presentations, researchers showed off techniques for
using Javascript code on Web pages to grab browser histories and scan
internal networks as well as using AJAX--a technology that adds
interactive features to Web sites--to create Web viruses that can
steal personal information. The threats are not only theory, but have
been used to attack MySpace users and Yahoo users, said Billy
Hoffman, lead research and development researcher for Web security
firm SPI Dynamics.

"This isn't a proof of concept; this isn't academic," Hoffman told
attendees at the Black Hat Briefings. "People are already doing
this."

...

Grossman showed off techniques for detecting which of a list of
popular sites that a victim has visited and demonstrated a way to
port scan an internal network to which the victim is connected, all
through Javascript and without exploiting vulnerabilities.

"We don't need to hack the operating system anymore--everything you
need to attack is online," Grossman said.

...

There are few other defenses against the attacks, aside from turning
off Javascript, Hoffman said.

Secure Sockets Layer (SSL) encryption, far from helping secure
against such attacks, could instead aid them in dodging detection by
intrusion detection, or prevention, systems, he said. If the Web site
from which the attack is launched uses SSL, then the
traffic--encrypted between the site and the user--cannot be parsed by
a network-based IDS system.

The most permanent fix would be for browser makers to find ways to
confirm that AJAX code is indeed running in the context of the
current Web site being visited by a user, while marking Web requests
with the source of the request--whether a human or a script--could
limit attacks on high-value sites, such as brokerage firms and banks.

"We have made a call out to the browsers makers to fix the problems,"
Grossman said. "We hope it comes soon before the bad attacks happen."

[MORE]

--
Best regards,
John Navas
 
 
 
 
 
Duane Arnold
Guest
Posts: n/a

 
      08-06-2006, 05:35 PM
What? Is this another one of your Jr. G-Man *Alerts* Johnny-Boy-G-Man?

Duane
 