Drivesploit: Drive-by Downloads Deciphered #BlackHatUSA
LAS VEGAS. A new tool shows how easy it can be to target websites for drive-by downloads in an effort to help build better security.
The Black Hat conference is one that is legendary for its talks that get pulled. Once such pulled talk in 2010 is a talk on the Chinese Cyber Army by Armorize CTO and founder Wayne Huang. Instead of just giving up his speaking slot, Huang delivered a presentation on a new tool called Drivesploit that he developed to help deliver and analyze drive-by exploits.
Drive-by exploits have become increasingly common in recent years and put users at risk simply by visiting an infected website. Huang noted that Google was the victim of one such drive-by attack last year in the so-called Aurora attack.