This entry was posted on Friday, August 1st, 2008 at 3:51 pm and is filed under General Category. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Security Bites 110: Breaking Google Gadgets
|
|
From gadgets that slide-show pictures of vacations past to calendars that show events in the future, Google Gadgets look cool. But they also have the potential to contain vulnerabilities like anything else within Web 2.0.
By design, Google Gadgets allow scripted code to be uploaded by the end user, creating interesting new attack vectors for those with malicious intent.
CNET’s Robert Vamosi talked with Robert Hansen (aka Rsnake), chief executive of SecTheory, and Tom Stracener (aka Strace) of Cenzic. Both will be presenting a talk called “Xploiting Google Gadgets: Gmalware and Beyond” at the annual Black Hat conference in Las Vegas next week.
During the talk, they plan to disclose a zero-day vulnerability in Google Gadgets that will make Gmalware (Gmodules-based malware) a significant threat.
Listen now:
See Also:
- MLB’s Torii Hunter to Pick WeMix.com Artist to Write and Record His Personal In-Game Theme Song Through Nationwide WeMix Songwriting Contest
- IBM aims $400 million at cloud computing
- Amazon to acquire rare-book site AbeBooks
- National Assn. for Health Care Recruitment Announces Class of 2008 Certified Health Care Recruiters
- MLB’s Torii Hunter to Pick WeMix.com Artist to Write and Record His Personal In-Game Theme Song Through Nationwide WeMix Songwriting Contest
[Via CNET - News.com]
Leave a Reply
