We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Javascript Malware Targets Intranets
Options
deary65
Posts: 818 Forumite
in Techie Stuff
QUOTE
There's a chilling mode of attack quietly emerging that forces an unsuspecting browser into hacking into the user's own corporate intranet. From there, the attacker can scan the network, reconfigure network devices such as routers and firewalls, or even break into corporate payroll systems.
Attackers already use this JavaScript-based malware via cross-site scripting (XSS) to attack public Websites. But Jeremiah Grossman...will demonstrate at next week's Black Hat conference...how this method can just as easily hack into a corporate intranet...Grossman will show how intranets...are prime targets for these JavaScript-based attacks that use XSS to exploit weaknesses in an organization's Web applications and take control of its internal network devices.
http://www.darkreading.com/document.asp?doc_id=99686&WT.svl=news1_2
There's a chilling mode of attack quietly emerging that forces an unsuspecting browser into hacking into the user's own corporate intranet. From there, the attacker can scan the network, reconfigure network devices such as routers and firewalls, or even break into corporate payroll systems.
Attackers already use this JavaScript-based malware via cross-site scripting (XSS) to attack public Websites. But Jeremiah Grossman...will demonstrate at next week's Black Hat conference...how this method can just as easily hack into a corporate intranet...Grossman will show how intranets...are prime targets for these JavaScript-based attacks that use XSS to exploit weaknesses in an organization's Web applications and take control of its internal network devices.
http://www.darkreading.com/document.asp?doc_id=99686&WT.svl=news1_2
Any posts by myself are my opinion ONLY. They should never be taken as correct or factual without confirmation from a legal professional. All information is given without prejudice or liability.
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards