Tag Archives: XSS

New Attack Locates Web Users Via XSS, Google Data

Filed under Hacks, Privacy

The security researcher who created the MySpace XSS worm in 2005 has developed a technique that enables an attacker to accurately locate a Web user with GPS coordinates, without using IP-based geolocation.

Samy Kamkar, the author of the infamous Samy worm that spread through MySpace, on Monday published information about a new technique that can be used to exploit a vulnerability in some home Internet routers and, when combined with other information, pinpoint a user’s physical location. The tactic utilizes a combination of cross-site scripting and some freely available tools and information on the Web.

In an example of the attack Kamkar published on his site, the attacker must first get the victim to visit a malicious Web site, which then exploits a cross-site scripting flaw in the victim’s home router. In his example, Kamkar uses a flaw he discovered in a router used by Verizon FiOS customers. A bit of AJAX code then grabs the router’s MAC address and sends it off to the attacker.

The attacker then sends the MAC address through Google Location Service via the Location-Aware Browsing service in Firefox. The result: a set of longitude and latitude coordinates for the victim’s PC.

Kamkar released the Samy worm on MySpace in 2005 and it quickly spread across the site, leaving messages on millions of users’ pages. He later was sentenced to three years’ probation as part of a plea agreement stemming from the incident.

Source: Threat Post

Researcher Uncovers Twitter, Google Calendar XSS Vulnerabilities

Filed under Software

A security researcher has uncovered vulnerabilities in Twitter and Google Calendar that could put users at risk.

In a proof of concept, researcher Nir Goldshlager demonstrated cross-site scripting (XSS) vulnerabilities in Google Calendar and Twitter that he said could be used to steal cookies and session IDs. He also uncovered an HTML injection issue affecting Google Calendar that he said could be used to redirect a victim to an attack site any time the user viewed his or her Google Calendar agenda events.

According to Goldshlager, a penetration testing expert with Avnet Information Security Consulting in Israel, the cross-site scripting vulnerability can be exploited if a victim adds malicious code to his quick add post calendar.

“When the victim … [adds] this malicious code, his cookies [and] session ID will be stolen and will be sent to the attacker site,” he said. “Then the attacker will be able to get full control of the victim’s Google accounts like: Google Calendar account, Google Groups, iGoogle, etc.”

Goldshlager also demonstrated that the HTML injection vulnerability could be used to log a user out of his Google account, something a Google spokesman said “is of negligible security impact” and “can be avoided by not clicking on the link.”

“They should fix this immediately because an attacker can redirect a victim to any site that he wants, and [with] the XSS issue an attacker can steal the victim’s cookies and get full control of his accounts,” the researcher said.

Source: eWEEK

Serious web vuln found in 8 million Flash files

Filed under Hacks, Security

A security researcher has identified more than 8 million Adobe Flash files that make the websites hosting them vulnerable to attacks that target visitors with malicious code.

The Flash files are contained on a wide variety of sites operated by online casinos, news organizations, banks, and professional sports teams. They make the pages where they reside susceptible to XSS, or cross-site scripting, attacks that have the potential to inject malicious code and content into a visitor’s browser and in some cases steal credentials used to authenticate user accounts.

The researcher, who goes by the moniker MustLive, said the Flash files contain poorly written ActionScript used to count the number of times a banner has been clicked and typically contain the clickTAG or url parameters. Google searches identified a total of more than 8.3 million of them on sites hosted by the New York Giants football team, Praguepost.com and ParadaisPoker.com. Because Google results are often abbreviated, the actual number is probably higher.

MustLive said websites that host the buggy content aren’t automatically vulnerable to XSS exploits. Indeed, even though the pages on the official Citibank website included such content, XSS attacks that tried to exploit them failed.

Source: The Register

IE8 bug makes “safe” sites unsafe

Filed under Security, Software

The latest version of Microsoft’s Internet Explorer browser contains a bug that can enable serious security attacks against websites that are otherwise safe.

The flaw in IE 8 can be exploited to introduce XSS, or cross-site scripting, errors on webpages that are otherwise safe, according to two Register sources, who discussed the bug on the condition they not be identified. Microsoft was notified of the vulnerability a few months ago, they said.

Ironically, the flaw resides in a protection added by Microsoft developers to IE 8 that’s designed to prevent XSS attacks against sites.

Source: The Register

Majority of Web Sites Vulnerable

Filed under Security

Nearly two-thirds of Web sites have at least one serious security issue that would allow someone to remotely attack the site, WhiteHat Security said this week, citing a recent survey of its clients.

According to the Web security firm’s data, two-thirds of sites had cross-site scripting (XSS) flaws, nearly half had information disclosure issues and 31 percent were vulnerable to content spoofing. The volume of vulnerabilities, however, was dominated by cross-site scripting flaws, which accounted for 63 percent of the total flaws found by WhiteHat.

More at: Security Focus