kdlsw Posted October 3, 2016 Share Posted October 3, 2016 I know it is possible to embed some malware into a web page back in those days when JDB method works. Is it possible to execute a malware on the client simply by letting it browsing a web page these days? Thanks! Quote Link to comment Share on other sites More sharing options...
cooper Posted October 3, 2016 Share Posted October 3, 2016 (edited) The words you're looking for are XSS and CSRF. It's a seemingly eternal problem that's not going anywhere. Also, check out how ad platforms are being leveraged as a delivery vector for malware. That stuff gets embedded into the website and is hosted elsewhere. Edited October 3, 2016 by cooper Added the bad ads bit. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted October 3, 2016 Share Posted October 3, 2016 48 minutes ago, cooper said: The words you're looking for are XSS and CSRF. It's a seemingly eternal problem that's not going anywhere. Also, check out how ad platforms are being leveraged as a delivery vector for malware. That stuff gets embedded into the website and is hosted elsewhere. That's the shit that gets my clients the most. Fucking ads. I try to get them to use firefox or chrome with some kind of ad blocking, but some sites just won't work unless it's ie. Fucking banks.... Quote Link to comment Share on other sites More sharing options...
kdlsw Posted October 3, 2016 Author Share Posted October 3, 2016 3 hours ago, cooper said: The words you're looking for are XSS and CSRF. It's a seemingly eternal problem that's not going anywhere. Also, check out how ad platforms are being leveraged as a delivery vector for malware. That stuff gets embedded into the website and is hosted elsewhere. Thank you! I will take a look on them, thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.