|
Hacking The Handshake Between Applications |
|
|
|
Source: Dark Reading - Posted by anthony
|
Researchers to shed light on a new generation of attacks that exploit the relationship between browsers and their plug-ins -- or between any applications that share information -- and take over a victim's computer.
A little-known class of vulnerabilities can be used to hack the trust between browsers and their plug-ins, as well as other applications, according to new research on tap at Black Hat USA next week in Las Vegas.
Researchers Ryan Smith, a vulnerability researcher at iDefense; Mark Dowd, X-Force research engineer for IBM ISS; and David Dewey, a researcher for IBM ISS; will demonstrate attacks that exploit these bugs and let an attacker hack the communication between different application components. So-called "type-confusion" vulnerabilities have typically been associated with Java applications, but the researchers found they also affect C and C++ code.
Read this full article at Dark Reading
Only registered users can write comments.
Please login or register. Powered by AkoComment! |
