| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | more reasons to drop flash and block ads |
http://www.welivesecurity.com/2016/12/06/stegano-exploit-kit/ [QUOTE] What does your discovery mean for internet users? It means that there are advertising banners with "poisoned pixels" leading to a new exploit kit, intended to enable the bad guys to remotely install malware onto victims' computers. The victim doesn't even need to click on the malicious ad content; all it takes is to visit a website displaying it. If the victim's computer runs a vulnerable version of Flash Player, the machine will be compromised via an exploited vulnerability automatically. [...] Where are the poisoned pixels in this? Well, the name "Stegano" refers to steganography[1], which is a technique the bad guys used to hide parts of their malicious code in the pixels of the advertisements' banners. Specifically, they hide it in the parameters controlling the transparency of each pixel. This makes only minor changes to the (color) tone of the picture, making the changes effectively invisible to the naked eye and so unnoticed by the potential victim. [/QUOTE] [1] http://www.virusradar.com/en/glossary/steganography )\/(ark Always Mount a Scratch Monkey Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong... ... The pursuit of truth will set you free. Even if you never catch it. ---* Origin: (1:3634/12.73) SEEN-BY: 103/705 109/500 116/116 123/5 52 111 140 400 500 789 1970 124/5013 SEEN-BY: 124/5014 135/300 140/1 154/10 30 700 203/0 221/6 226/600 227/51 201 SEEN-BY: 229/426 230/0 249/303 261/38 1466 280/464 5003 320/119 322/759 SEEN-BY: 340/800 342/11 423/120 633/267 280 640/384 712/620 848 770/1 2320/100 SEEN-BY: 3634/12 15 22 24 27 50 5075/35 @PATH: 3634/12 123/500 154/10 280/464 712/848 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.