New GIFAR Attack Targets Browsers of Users
Security researchers of UK-based NGSS (Next Generation Security Software) along with researchers of the Advanced Security Center of Ernst & Young LLP have built a new file that enables access to user's browser on any Website where images may be uploaded, like eBay or social-networking Websites.
The file called Gifar is a hybrid of GIF (Graphics Interchange Format) and JAR (Java Archive). Although it appears like a .gif image to the Website hosting the file, a .jar file combined with it. When GIFAR is displayed in the browser, the JAR runs in the form of an applet, allowing the attacker to execute Java script in the contaminated browser.
This Java script, however, appears to the visitor's browser as coming from a legitimate site. According to NGSS Officials, the attack wo...
» SPAMfighter News - 8/20/2008
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!