JavaScript Malware Open The Door to the Intranet

Anonymous Reader writes “”C|Net and Dark Reading are reporting that JavaScript malware is opening the door for hackers to attack internal networks. During the Black Hat Briefings conference Jeremiah Grossman (CTO, WhiteHat Security) ‘…will be showing off how to get the internal IP address, how to scan internal networks, how to fingerprint and how to enter DSL routers … As we’re attacking the intranet using the browser, we’re taking complete control over the browser.’ According the the article, the presence of cross-site scripting vulnerabilities (XSS) dramatically increase the possible damage that can be caused. The issue also not which-browser-is-more-secure, as all major browsers are equally at risk. Grossman says ‘The users really are at the mercy of the Web sites they visit. Users could turn off JavaScript, which really isn’t a solution because so many Web sites rely on it.””

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR