Brace for impact!

Tomorrow might prove to be interesting! So fasten your seatbelts…

Paul Hirsch, a moderator on WebHostingTalk.com got wind that hacker Billy Hoffman with SPI Dynamics is going to do a talk tomorrow at Schmoo titled: “Javascript Malware for a Gray Goo Tomorrow”.

He created Jikto, a web scanner written in javaScript:

This homogenous platform, coupled with JavaScript’s new features has enabled attackers to perform advanced attacks using XSS that were thought to be impossible even 2 years ago. Self-propagating XSS+Ajax worms, advanced keystroke and mouse loggers, port scanning, fingerprinting, and assaulting intranet applications, as well as stealing search engine queries or browser histories are now all components in an attackers toolbox.

If this does not concern you just a bit, I’m not sure what could…

The good news? Well, he’s not going to release Jikto, at least not yet…

But this will definitely bring XSS in the forefront.

in News | 152 Words