LandzDown Forum

Software & More => Web News => Topic started by: Corrine on May 25, 2018, 09:25:00 PM

Title: Security of HTML5 May Not Live Up to Promise
Post by: Corrine on May 25, 2018, 09:25:00 PM
Security of HTML5 May Not Live Up to Promise - Infosecurity Magazine (https://www.infosecurity-magazine.com/news/security-of-html5-may-not-live-up/)

Quote
The Media Trust wrote, “The malware, which has produced at least 21 separate incidents affecting dozens of globally recognized digital media publishers and at least 15 ad networks, uses JavaScript commands in order to hide within HTML5 creative and avoid detection. The scale of the infection marks a turning point for HTML5’s presumed security and demonstrates the advances malware developers have made in exploiting the open standards’ basic functionality to launch their attack.”

{{{SNIP}}}

However, the malware team at the Media Trust has discovered that the very attributes that allow HTML5 to deliver the content of popular formats without external plugins are also being used to cloak malware. By breaking it into smaller parts, the malware is harder to detect, but when certain conditions are met, those broken parts are pieced back together.

H/T ky331