Reflected File Download A New Web Attack Vector

Rampant
Rampant ✭✭
in Safepay

Attackers can use reflection to load the file to the abduction of personal data of users to gain complete control over the browser Google Chrome, including encrypted connections, as well as to exploit vulnerabilities in the software installed.


https://drive.google.com/file/d/0B0KLoHg_gR...6MHM/view?pli=1

Comments

  • damianr
    damianr

    Hi. Sorry but I'm lost here. How can we as users prevent this. Just making sure that BD is up to date? 1.gif

  • camarie
    camarie Principal Software Developer BD Staff

    Interesting read. Supposing one will download some malicious file, I think it will be caught by the on access scanner when dropped on disk, or when attempted to execute (or directly by HTTP(S) scan).


    Safepay downloads files, true, but not execing in the secure desktop.


    However - point taken. This could be a good improvement, thank you for info.


    Cristian

All Time Leaders

Categories

Defenders of the month