Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Speakers from Cenzic, Dasient will show how easy it is to infect a well-known site
2 Min Read
If seeing is believing, then some RSA conference attendees could get a dose of religion on the threat of drive-by malware downloads next week.
In a session on Wednesday entitled "Drive By Downloads: How to Avoid Getting a Cap Popped in Your App," speakers Lars Ewe of Cenzic and Neil Daswani of Dasient will present a live download of a benign application onto a well-known website to show how easy it is to infect a legitimate site -- and all of its visitors.
The "attack" will take advantage of a cross-site scripting flaw to download a simple Windows calculator app that will not harm the site or its users -- but it will help to show why drive-by downloads are quickly replacing email attachments as the favorite method for spreading malware, the speakers say.
The operator of the site, which the speakers declined to name, has been notified of the XSS flaw and will initiate a fix as soon as the demonstration is complete, the speakers add. "One of the things that we're trying to show is that the level of sophistication required to do these drive-by downloads is not high, but the damage is maximum," says Ewe, who is CTO and vice president of engineering for Cenzic. "There are many ways that a site can get infected, and some of them are really not that hard to do. Yet they affect not only the site itself, but all of its visitors."
"What we're seeing is that drive-by downloads are becoming the method of choice for deploying new malware," says Daswani, CTO and co-founder of Dasient. "Yet a lot of companies still don't do very much with application security -- we need to get the word out that the attack pattern is changing. That's what this [presentation] will help to do."
The presentation will also demonstrate the pairing of tools like those from Cenzic -- which offers application scanning and remediation -- with services like Dasient, which offers malware detection and monitoring.
"We want to show the value of combining application scanning and patching with ongoing monitoring to create a more defense-in-depth approach," Daswani says.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
