The Most Poisonous Bugs - See More Slide Shows Like This One!
The Most Poisonous Bugs
Some of the vulnerabilities discussed at the Black Hat Briefings in Las Vegas simply dont have any easy fixes, short of rearchitecting the Web. Here are some of the things that had people shaking their heads as they walked out of presentations.
The Most Poisonous Bugs - Intranet Invasion via Anti-DNS Pinning
DNS pinning, a browser technique intended to prevent DNS spoofing attacks, ties a single IP address to a single domain. Researchers have found that its dismayingly easy to attack, however. EchoStar Satellite Security Architect David Byrne demonstrated h
The Most Poisonous Bugs - DNS Rebinding
Similar to Byrnes findings are those of IOActive Director of Penetration Testing Dan Kaminsky. Kaminsky demonstrated how an attacker can lure a victim and turn his browser into a proxy, thereby enabling the attacker to bypass firewalls, penetrate VPNs a
The Most Poisonous Bugs - Defense Against DNS Rebinding/Anti-DNS Pinning
The most obvious defense, Byrne said, is to change the browser to permanently pin cache. But that wont address browser-restart attacks nor attacks using plug-ins such as Java, Flash or ActiveX.
Byrne also suggested some browser security measures. O
The Most Poisonous Bugs - Digital Signatures That Bite
XSLT (Extensible Stylesheet Language Transformations) is a programming language: very simple, not declarative, not massively powerful. Its how XML signatures are shipped. At some point, it seems as if somebody said, Wow, this XSLT is really restri
The Most Poisonous Bugs - Remediation for XML Signature Attacks
To avoid XML signature attacks, Hill suggests disabling the XSLT transform by default. There are a host of other security precautions to take, and Hill has laid them out in a white paper, Command Injection in XML Signatures and Encryption. T