Thursday, August 03, 2006

Black Hat: RSS For Hackers?

Sean Michael Kerner writes on internetnews.com:

RSS is a great technology for delivering content; it's also a potentially destructive tool for hackers to use as an attack-delivery system.

In a Black Hat presentation here, SPI Dynamics Security Engineer Robert Auger laid bare the plain facts on RSS and ATOM feed exploitation.

Auger tested both Web-based and local RSS readers and found both types to be ripe platforms for malicious users to exploit with code injection that could steal users' credentials, cookies, keystrokes and other information.

More here.

0 Comments:

Post a Comment

<< Home