[ news_security_news ]
When JavaScript Goes Bad
Doug Caverly
Staff Writer
2006-07-31
 Insider Reports RSS Feed
Researchers at SPI Dynamics and WhiteHat Security have discovered a new way in which JavaScript can act as malware. This method of attack can bypass firewalls and other security measures, and affects just about everything connected to target computers, from servers to devices.
A CNET article described the "malicious JavaScript." It "can be embedded in a Web page and will run without warning when the page is viewed in any ordinary browser . . . . The JavaScript first determines the internal network address of the PC. Then . . . it starts scanning the local network for Web servers. These can be computers that serve Web pages, but they can also include routers, printers, IP phones and other networked devices or applications that have a Web interface."
SPI Dynamics and WhiteHat Security both intend to discuss this discovery at next week's Black Hat gathering in Las Vegas. In the meantime, Joris Evers got a quote from Fyodor Vaskovich, "creator of the popular Nmap network port scanning tool."
"There has been little motivation to explore side-channel attacks such as this one," Vaskovich said. "But a key advantage of the SPI Dynamics vulnerability is that it is difficult to fix without breaking many Web applications. So it may be around for years to come."
What can you do to protect yourself? Not much, according to Jeremiah Grossman, the chief technology officer at WhiteHat Security, who spoke to CNET. "All our protection recommendations are server-side," he said. "The users really are at the mercy of the Web sites they visit."
Tag: Malicious JavaScript
Add to  Del.icio.us |  Digg |  Yahoo! My Web |  Furl
Get all the updates in RSS: 
About the Author:
Doug is a staff writer for SecurityProNews, InternetFinancialNews, SearchNewz, and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
