RB2: OWASP Day podcast: Exploiting Firefox extensions

0 Comments

August 21, 2009 --

In this special interview you'll hear our New Zealand correspondent Paul Craig interviewing Security-Assessment.com's Roberto Suggi Liverani and Nick Freeman discuss their research into exploiting Firefox extensions.

These guys were doing a review of a large web application and evaluation of a related firefox extension was in scope.

Skype extensions, search toolbars -- all those extensions that people routinely install into their browsers, well, it turns out a lot of them are buggy as hell and these two have figured out how to exploit these little suckers, and at best guess, there's around 30 million boxes out there vulnerable to the extension bugs they've identified.

| Play in Popup | Download

User login

Recent podcasts

Risky Business #224 -- Lost source and open relays: 2012 is here

Symantec and McAfee kick off the year of the Dragon with some decent lulz…
Risky Business #223 -- Summer edition: Drones pwned?

Russians owned our pumps. Persians pwned our drones.
Risky Business #222 -- Never pay for roaming data again

How to turn your Kindle into a free, global SSH and IRC modem...
Risky Business #221 -- Browser GFX security with Ben Hawkes

Does the hype match the reality?
Risky Business #220 -- All your Macs are belong to Snare

Rootkitting OS X, fun with EFI bootloaders and more...

Hosted by:

RB2: OWASP Day podcast: Exploiting Firefox extensions

User login

Recent podcasts

Hosted by:

Recent comments