I've been looking over the agenda for RSA Conference 2011, and I'm starting to wonder which talks I'll go to.
I usually decide such things a couple minutes beforehand, because I like to live security conferences on the edge. But the description of a talk Neil Daswani and Lars Ewe plan to give could be interesting.
Read and judge for yourselves:
Session Code: HT2-203Session Title: Drive By Downloads: How to Avoid Getting a Cap Popped in Your AppSpeaker: Neil Daswani, Co-Founder and Chief Technology Officer of Dasient Inc. and Lars Ewe, Chief Technology Officer and Vice President of Engineering at Cenzic, Inc.
Scheduled Date(s)/Time(s): Wednesday, February 16 11:10 AM
Red Room 104Session Length: 50 minutes
Session Abstract: This talk will present state-of-the-art web-based malware attacks and describe how the techniques used have evolved over time. Learn how today’s attackers use additional mechanisms to inject malicious code, conduct multiple injections into a single web page, use multi-DOM node injections, foil first generation web-based malware scanners and rely on social engineering technologies.Prerequisite knowledge Attendees should have a general understanding of web application security and malware threats.Session learning objectivesAttendees will gain increased awareness of drive-by-downloads, and how they have morphed over time, as well as an understanding of modern drive-by-download techniques. To support this, we will provide code samples of new, modern-day drive-by-download attacks and highly technical information. We will also provide pointers to freely available resources, including a Twitter data feed that can be used by attendees and webmaster to stay on top of the newest drive-by-download infection types.
I'll highlight more of these as I dig deeper.