Drive-by download attacks are as alarming as the name implies: unsuspecting Internet users can find their computers infected with a malicious payload simply by visiting a website.
At this year’s RSA security conference, Cenzic and Dasient are giving a presentation describing their method for finding, exploiting and ultimately guarding against those sorts of Web-based attacks.
Researchers at the companies point to a persistent cross-site scripting (XSS) vulnerability on a website: because the injected script is stored on the site itself, it runs for every visitor regardless of which browser that person is using, and it then targets a specific plugin on the visitor’s machine.
“The way these attacks work in the wild is the attacker has an online exploit kit that fingerprints the user’s browser, operating system, plug-ins and what anti-virus software they’re using,” said Neil Daswani, co-founder and CTO of Dasient, though he declined to name the website or plugin. “The kit then figures out which piece of software to take advantage of.”
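The fingerprint-then-select step Daswani describes is easy to model. The block below is an added example written for this article, not code from Cenzic, Dasient or any real exploit kit: it parses a visitor profile of the kind an injected script could collect (operating system and browser from the user-agent string, plugin names and versions from a `navigator`-shaped object) and picks an entry from a kit table. The kit table, the plugin names "Plugin A" and "Plugin B", the version thresholds and the sample visitors are all constructed placeholders, not real products or vulnerabilities.

```javascript
// Added example: models the fingerprint-then-select logic of a drive-by exploit kit.
// Illustrative code only; the kit table and plugin names below are invented.

// Extract OS and browser family from a user-agent string.
function parseUserAgent(ua) {
  const os = /Windows NT [\d.]+/.test(ua) ? "windows"
           : /Mac OS X/.test(ua) ? "macos"
           : /Linux/.test(ua) ? "linux" : "unknown";
  let browser = "unknown";
  if (/MSIE \d+/.test(ua) || /Trident/.test(ua)) browser = "ie";
  else if (/Firefox\/\d+/.test(ua)) browser = "firefox";
  else if (/Chrome\/\d+/.test(ua)) browser = "chrome";
  else if (/Safari\/\d+/.test(ua)) browser = "safari";
  return { os, browser };
}

// Compare dotted version strings: negative if a < b, zero if equal, positive if a > b.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// Build the profile an injected script could collect. `nav` mirrors the shape of the
// browser's navigator object: a userAgent string and a plugins list with name/description.
function fingerprint(nav) {
  const { os, browser } = parseUserAgent(nav.userAgent);
  const plugins = {};
  for (const p of nav.plugins) {
    // Version is pulled from the plugin description (first dotted number, e.g. "10.0.42").
    const m = /(\d+(?:\.\d+)*)/.exec(p.description || "");
    plugins[p.name] = m ? m[1] : "unknown";
  }
  return { os, browser, plugins };
}

// Hypothetical kit table: each entry names the plugin it targets, an optional OS
// constraint, and the highest version assumed vulnerable. Placeholders, not real CVEs.
const KIT_TABLE = [
  { id: "plugin-a-exploit", plugin: "Plugin A", os: "windows", maxVulnerable: "10.0.42" },
  { id: "plugin-b-exploit", plugin: "Plugin B", os: null, maxVulnerable: "9.3.1" },
];

// Return the id of the first table entry whose plugin is present at a vulnerable
// version and whose OS constraint (if any) matches; null when nothing applies.
function selectExploit(profile, table = KIT_TABLE) {
  for (const entry of table) {
    if (entry.os && entry.os !== profile.os) continue;
    const ver = profile.plugins[entry.plugin];
    if (!ver || ver === "unknown") continue;
    if (compareVersions(ver, entry.maxVulnerable) <= 0) return entry.id;
  }
  return null;
}

// Constructed sample visitors (user-agent strings and plugin lists are made up).
const SAMPLE_VISITORS = {
  vulnerableIE: {
    userAgent: "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",
    plugins: [{ name: "Plugin A", description: "Plugin A 10.0.42 r1" }],
  },
  patchedFirefox: {
    userAgent: "Mozilla/5.0 (Windows NT 6.1) Gecko/20100101 Firefox/3.6",
    plugins: [{ name: "Plugin A", description: "Plugin A 10.1.0" }],
  },
  macSafari: {
    userAgent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6) AppleWebKit Safari/533",
    plugins: [{ name: "Plugin B", description: "Plugin B 9.2.0" }],
  },
};

for (const [label, nav] of Object.entries(SAMPLE_VISITORS)) {
  console.log(label, "->", selectExploit(fingerprint(nav)));
}
```

Read defensively, the same table is a patch list: a visitor whose plugin versions all sit above every `maxVulnerable` threshold gets `null`, which is why keeping browser plugins current blunts a kit even when the stored XSS that delivers it is still live.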
eSecurity Planet has the details on Cenzic and Dasient’s work on shoring up Web applications.