Robert Auger And Caleb Sima: Zero Day Subscriptions: Using RSS And Atom Feeds As Attack Delivery Systems Black Hat Briefings, Las Vegas 2006 [Video] Presentations From The Security Conference podcast

תוכן מסופק על ידי Black Hat and Jeff Moss. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Black Hat and Jeff Moss או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

Black Hat Briefings, Las Vegas 2006 [Video] Presentations from the security conference
Robert Auger and Caleb Sima: Zero Day Subscriptions: Using RSS and Atom feeds As Attack Delivery Systems

18+ y ago 43:05

שתפו

MP4•בית הפרקים

This presentation will discuss the use of RSS and Atom feeds as method of delivering exploits to client systems. In our research we have found a number of RSS clients, both local and web-based, that are far too trusting of the content that is delivered via feeds. Although this content arrives as well-formed XML, fundamentally it originated as user input elsewhere. Like any such data, it can contain malicious and mal-formed content, yet many clients fail to guard against this. And though such content by definition originates remotely, many clients use methods of display that cause it to be trusted as if it were locally originated. As RSS becomes more ubiquitous, the scope of this problem becomes worse. Many RSS feeds are machine generated from content originating in other feeds, search engine results, and so on. This means that feed subscribers can even be targeted without them actually subscribing to your feed at all. This has potential uses for worm propagation, botnet creation, and other forms of attack."

86 פרקים

#Podcasting #Tech #Blackhat Briefings And Training #Blackhat Usa 2006 #Black Hat Vegas #Blackhat Vegas #Hacking #Computer Security #Speeches #Presentations #Spoken Word #Audio #Tech News #Jeff Moss #Video #Conventions