Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment This is the tool Prajakta Jagdale spoke about.. (Score 4, Informative) 82

At Black Hat D.C. last month Prajakta Jagdale spoke about HP developing this tool in her presentation:

"Blinded by Flash: Widespread Security Risks Flash Developers Don't See"

From the presentations description:
"In this presentation I will examine the Flash framework and then delve into the Flash security model and the transitions it has undergone over the years. To explore the avenues of compromise in the security model, I will use a test Flash application and demonstrate various attack vectors including Cross-Site Request Forgery, data injection and script injection. During this demonstration, I will explain the associated threats in detail and discuss means to mitigate these threats. Even though the test application validates the attack surface, the question remains: how many applications actually deployed are vulnerable to these threats? I will answer this question by providing astonishing statistics about vulnerable, real world applications I was able to find using simple Google queries."

The pdf of her presentation is here:
https://www.blackhat.com/presentations/bh-dc/Jagdale/BlackHat-DC-09-Jagdale-Blinded-by-Flash.pdf

Slashdot Top Deals

Some of my readers ask me what a "Serial Port" is. The answer is: I don't know. Is it some kind of wine you have with breakfast?

Working...