[Discussion] new thread: biggest threats
Andre Ludwig
aludwig at packetspy.com
Wed Oct 22 13:59:21 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
JS is a means, not an end.
Andre
Martin Holste wrote:
> I would agree that for the server arena, SQL injection is probably the
> biggest current threat for most as far as potential damage to their
> organization.
>
> For client side, I think that malicious Javascript has got to be near
> the top. I was picking apart an attack last week in which the
> attackers had gotten an ad banner on a major ad syndicate which was
> iframing to a particularly nasty bit of Javascript. This script
> created two Java classes by binary packing the entire object as a
> Javascript string, then referring to that object in the same
> Javascript. The next thing the client did was to make a malware
> download with "Java 1.5" in the user agent. While browser plugin and
> client-side app vulnerabilities rotate, the attack vectors and payload
> delivery framework usually rely on Javascript.
>
> Brainstorm: Create an IP/domain blacklist that the NoScript guys can
> have their plugin point at?
>
> --Martin
>
> On Wed, Oct 22, 2008 at 6:37 AM, David Glosser
> <david.glosser at gmail.com <mailto:david.glosser at gmail.com>> wrote:
>
> What are the biggest threats out there (and tomorrow?) today that
> this new project may be of benefit?
>
> I'm voting for:
> asprox/sql injection - website owners having their sites infected,
> which means, for granny, it's no longer possible just to tell granny
> to only go to safe sites... And When adobe's site is infected (1) ,
> it's a corporate issue as well
> fake security sites - so many domains, fast flux, double-fast flux,
> etc. very low initial detection, sigs are always playing catchup
> future - continuing infection of web sites running unpatched software,
> dns or bgp-related attacks/exploits
>
> As this is brainstorming, if you don't think it's a good thread,
> don't criticize, just don't respond ;)
>
> (1)http://blogs.zdnet.com/security/?p=2039
> _______________________________________________
> Discussion mailing list
> Discussion at openinfosecfoundation.org
> <mailto:Discussion at openinfosecfoundation.org>
> http://lists.openinfosecfoundation.org/mailman/listinfo/discussion
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Discussion mailing list
> Discussion at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/discussion
>
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.9.0 (Build 397)
Charset: ISO-8859-1
wsBVAwUBSP8xusjAfVnRK9hXAQjwswf/aN0WNBJYYAgrKv9q2gHSpKT/N4ittxIY
2/iImQHxftwNfgic1YY6GWKIe1mNz66JjPSAqVQqAo0Yf0D5gE3jNHuVPMG4AxGw
mGtvvjQFFTXNiY3QTuaRiWFAGnTaGTI50hApqOLs5kmvVRodSGqlNgdc96RqLF3R
lEbU8AUcMQXn4TWQWK8hSkDNYOdcXhqg9FlXb2U0xwadrsSbS1zjcJ6rdbtsQLPk
V1vgw/f3Eu2ZNeWGu4Q5ZkIHjL+iHj8+kHFfT92fbWjhsaklkdKfT9owZZTGVl/Z
etBMNvt18gi6IosqVWWDdniFRw/byjsBqYiUFnqejkzJkylQy/vn2A==
=bJtL
-----END PGP SIGNATURE-----
More information about the Discussion
mailing list