Javascript Attacks on Steroids

Just sat through a rather disturbing presentation here at Black Hat on how bad guys can use Javascript to circumvent hardware and software firewalls and wreak havoc on a target's internal network.

Jeremiah Grossman and T.C. Niedzialkowski, both of Santa Clara, Calif. based WhiteHat Security, showed Javascript tricks that could allow attackers to monitor which sites users have visited, change the configuration of their firewalls, and even record victims' keyboard strokes. Javascript Attacks on Steroids - Security Fix

Linked by shanmuga Friday, 4th August 2006 2:48AM