Backdooring MP3 Files

Recently I published information on how specially crafted HTML (remote and local), Flash and QuickTime (.mov) files can be used by malicious users to target and exploit internal and external networks. Than my friend and college David K released his findings on backdooring PDF documents via builtin Adobe Reader JavaScript features. Also, JavaScript malware via Google AJAX Search API seams to be possible and could affect many popular web products. As Billy Hoffman said XSS is the new hotness!. [...]

more | comments | comments rss | posted by