We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Javascript Malware Targets Intranets
deary65
Posts: 818 Forumite
in Techie Stuff
QUOTE
There's a chilling mode of attack quietly emerging that forces an unsuspecting browser into hacking into the user's own corporate intranet. From there, the attacker can scan the network, reconfigure network devices such as routers and firewalls, or even break into corporate payroll systems.
Attackers already use this JavaScript-based malware via cross-site scripting (XSS) to attack public Websites. But Jeremiah Grossman...will demonstrate at next week's Black Hat conference...how this method can just as easily hack into a corporate intranet...Grossman will show how intranets...are prime targets for these JavaScript-based attacks that use XSS to exploit weaknesses in an organization's Web applications and take control of its internal network devices.
http://www.darkreading.com/document.asp?doc_id=99686&WT.svl=news1_2
There's a chilling mode of attack quietly emerging that forces an unsuspecting browser into hacking into the user's own corporate intranet. From there, the attacker can scan the network, reconfigure network devices such as routers and firewalls, or even break into corporate payroll systems.
Attackers already use this JavaScript-based malware via cross-site scripting (XSS) to attack public Websites. But Jeremiah Grossman...will demonstrate at next week's Black Hat conference...how this method can just as easily hack into a corporate intranet...Grossman will show how intranets...are prime targets for these JavaScript-based attacks that use XSS to exploit weaknesses in an organization's Web applications and take control of its internal network devices.
http://www.darkreading.com/document.asp?doc_id=99686&WT.svl=news1_2
Any posts by myself are my opinion ONLY. They should never be taken as correct or factual without confirmation from a legal professional. All information is given without prejudice or liability.
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.1K Reduce Debt & Boost Income
- 455K Spending & Discounts
- 246.5K Work, Benefits & Business
- 602.8K Mortgages, Homes & Bills
- 178K Life & Family
- 260.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards