Blog readers vulnerable to embedded malware

Reading blogs could cause your computer to catch a virtual cold, said a leading security expert yesterday at the Black Hat USA conference.

Internet users who employ Web-based services such as Bloglines or Web browsers such as Firefox to read Web site feeds and blogs are vulnerable to embedded malicious code that can install spyware, log users' passwords, scan PCs and corporate networks for open ports and more, said Caleb Sima, chief technology officer at SPI Dynamics Inc., an Atlanta-based Web application security company.

So far, only a few proof-of-concept attacks against blog readers from Google and Yahoo have occurred, Sima said, though he believes that more are on the way. Black Hat: Blog readers vulnerable to embedded malware

Linked by shanmuga Friday, 4th August 2006 2:21AM