Ubiquitous PDF: Falling off a blog…

Blogs are all around these days, and can be a great way to stay in the loop on everything from the lives of friends to market trends and even inside scoops in the case of corporate blogs. As highlighted in a talk at the recent Black Hat security conference, the bad news is that web-based feeds such as RSS and Atom, which quickly send updated blog information to subscribers, are not without their risks.

A follow-up whitepaper on the topic has been posted here as a PDF document. According to the article:

Attackers could exploit the problem by setting up a malicious blog and enticing a user to subscribe to the RSS feed. More likely, however, they would add malicious JavaScript to the comments on a trusted blog, Auger said. ‘A lot of blogs will take user comments and stick them into their own RSS feeds,’ he said.

You May Also Like

About the Author: Dan Shea

Leave a Reply