Watch out for that little digital clock or virtual aquarium currently dressing up your iGoogle page. It could be a welcome mat for a hacker, or at least that's what Tom Stracener, senior security analyst at security firm Cenzic says.
At Black Hat USA 2008 in Las Vegas, Cenzic, along with hacker Robert Hansen, will present a session called "Xploiting Google Gadgets: Gmalware and Beyond," that aims to show how Google Gadgets, those little applications created to run within other applications like email or on an iGoogle homepage, can be used to attack a PC or network.
According to the press release for the event: "Mr. Stracener has already ported various JavaScript attack utilities to Google Gadgets (like PDP's JavaScript port scanner) and will demonstrate ways to create Gadgets that allow you to port scan internal systems and conduct various JavaScript hacks via malicious gadgets. This presentation will also disclose a "zero day" vulnerability in Google Gadgets that makes Gmalware a significant threat."
Sounds like fun. The session is scheduled for Wednesday, Aug. 6. For more information on the session or Black Hat in general, visit the conference site here.
The Google Subnet blog is the official blog of Network World's Google Subnet community. Google Subnet is the independent voice of Google customers and is your gateway to daily Google news, blogs, tips and more. Visit the Google Subnet home page daily.
The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.
|
|
Post new comment