Feel free to include my content in your page via my
RSS feed
Follow @irongeek_adc
Help Irongeek.com pay for
bandwidth and research equipment:
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment:
This talk will cover malicious JavaScript currently being
used in the wild. It will start with the big daddy of embedded malicious
JavaScript, Asprox, which last year gave rise to panicked headlines like
"100,000s of websites compromised" and continuing through more recent samples
such as the fake Yahoo Counter and the recent MS09-002 exploits. We will look at
attack vectors, obfuscation techniques, and multi-stage delivery systems, and
exploits used. This will feature the analysis of several samples harvest from
the wilds of the Internet.
Related Links: Download AVI from: Streaming Flash:
[フレーム]
Special thanks to Scott and Brandon Moulton for the AV work, and SkyDog for
letting me rip the videos.
Bio: My name is Nick Chapman. I'm a security researcher with
the SecureWorks Counter-Threat Unit. Prior to focusing on security issues full
time, I worked as both a System Administrator and Network Engineer in the ISP
world.
http://www.outerz0ne.org/
http://hackerconsortium.com
.
http://archive.org/download/Outerz0ne2009/Irongeek-NickChapmanEmbeddedMaliciousJavascript885.avi
http://blip.tv/file/get/Irongeek-NickChapmanEmbeddedMaliciousJavascript885.avi
15 most recent posts on Irongeek.com:
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast