[WEB SECURITY] "RSS Is Worm Bot's Next Target"

[Jeremiah Grossman]

Closely related:

"Noted security guru Marcus Ranum has observed that "these days, with  
the kind of plug-ins that come in your typical browser, combined with  
all the bizarre undocumented protocols used by new Internet  
applications; makes it highly unlikely that a firewall is doing  
anything more complex than a thin layer of policy atop routing. As  
such, the applications behind the firewall are now more critical to  
security than the firewall itself. Which should scare the holey moley  
out of you."




On Nov 30, 2005, at 6:24 PM, zeno at cgisecurity.net wrote:

> Yahoo news has an interesting article on worm propigation via rss  
> feeds.
>
> "David Sancho, senior anti-virus research engineer at Trend Micro,  
> warned that RSS feed hijacking will become commonplace when  
> Microsoft Corp. ships Internet Explorer 7, a browser refresh that  
> will feature built-in RSS support.
>
> In a white paper titled "The Future of Bot Worms," Sancho said the  
> IE7 release "will open some interesting possibilities to worm  
> creators." - Yahoo!
>
> A whitepaper by Trend-Micro describes the concept more in detail.
> News Link: http://news.yahoo.com/s/zd/20051129/tc_zd/166349
> Download The Paper: http://www.trendmicro.com/NR/rdonlyres/ 
> EEE8DBC3-6948-4F0D-B5F4-0673260B88D5/17036/Future_of_Bots_FINAL.pdf
>
> Regards,
>
> - admin at cgisecurity.com
> http://www.cgisecurity.com
> http://www.cgisecurity.com/index.rss Syndicated Web Security News
>
>
> ---------------------------------------------------------------------
> The Web Security Mailing List
> http://www.webappsec.org/lists/websecurity/
>
> The Web Security Mailing List Archives
> http://www.webappsec.org/lists/websecurity/archive/
>
>


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/