Drive-By Pharming – Let me fine tune your DNS entries
ABC News reports on a new attack vector targeted at broadband routers / acces points : Drive-By Pharming. This attack has one of the most devastating potential we’ve seen this year and I would rate it as very high impact. Maybe not as massive as the Universal PDF XSS Vulnerability , but still raises a few big question marks about web applications’ security. C’mon, directly altering my router’s DNS settings ? How scary is that … Here is an ABC News quote on the subject :
Professor Markus Jakobsson of Indiana University has done a lot of research on router vulnerabilities. Jeremiah Grossman of WhiteHat Security gave a talk at the Black Hat conference last year on Javascript malware. Zulfikar Ramzan of Symantec Security Response put the two pieces together… and realized that it’s possible for Javascript on a web site to modify your router’s DNS settings.
The full release by Zulfikar Ramzan of Symantec Security Response.
Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.
Print This Post
Post Info
This entry was posted on Tuesday, February 20th, 2007 . Tagged with:You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: Blind SQL Injection Tool : sqlmap »
Next Post: PHP vs. PHP. Live bugs every day during March »
Read More
Related Reading:- My Twitter Notes on 2010-07-25
- New NetWitness Visualize : Welcome To The Future!
- My Twitter Notes on 2010-07-18
- My Twitter Notes on 2010-07-11
- My Twitter Notes on 2010-06-27
- Qualys and Imperva Integration: Natural Evolution
- My Twitter Notes on 2010-06-20
- Pro CERT – First Romanian Commercial CERT
- GFI EventsManager 2010 Review
- My Twitter Notes on 2010-06-13
