HTML5 Top 10 Threats Stealth Attacks and Silent Exploit

Abstract : HTML5 is an emerging stack for next generation applications. HTML5 is enhancing browser capabilities  and able to execute Rich Internet Applications in the context of modern browser architecture.  Interestingly HTML5 can run on mobile devices as well and it makes even more complicated. HTML5 is  not a single technology stack but combination of various components like XMLHttpRequest (XHR),  Document Object model (DOM), Cross Origin Resource Sharing (CORS) and enhanced HTML/Browser  rendering. It brings several new technologies to the browser which were not seen before like  localstorage, webSQL, websocket, webworkers, enhanced XHR, DOM based XPATH to name a few. It has  enhanced attack surface and point of exploitations for attacker and malicious agents. By leveraging  these vectors one can craft stealth attacks and silent exploits, it is hard to detect and easy to  compromise…Read more in here [PDF Format]

Reasourceshttps://media.blackhat.com/

Advertisements