Create an Account
username: password:
 
  MemeStreams Logo

First case of "drive-by pharming" identified in the wild - Network World

search

Acidus
Picture of Acidus
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Acidus's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
First case of "drive-by pharming" identified in the wild - Network World
Topic: Miscellaneous 1:05 am EST, Jan 23, 2008

The first drive-by pharming attack has been observed against a Mexican bank: “It’s associated with an e-mail pretending to be from a legitimate Spanish-language e-greeting card company, Gusanito.com,” says Symantec Security Response principal researcher Zulfikar Ramzan. Inside the e-mail is an HTML image tag but instead of displaying images, it sends a request to the home router to tamper with it.

Will someone finally take CSRF vulnerabilities seriously now? "Utter horror show" is an accurate description of the security status of most router's web interfaces. The Linksys box sitting next to me has an CSRF vuln that allows you to reset the WEP key. Unacceptable.

First case of "drive-by pharming" identified in the wild - Network World



 
 
Powered By Industrial Memetics
RSS2.0