I’ve been looking over the agenda for RSA Conference 2011, and I’m starting to wonder which talks I’ll go to. I usually decide such things a couple minutes beforehand, because I like to live security conferences on the edge. But the description of a talk Neil Daswani and Lars Ewe plan to give could be interesting.Read and judge for yourselves:Session Code: HT2-203Session Title: Drive By Downloads: How to Avoid Getting a Cap Popped in Your AppSpeaker: Neil Daswani, Co-Founder and Chief Technology Officer of Dasient Inc. and Lars Ewe, Chief Technology Officer and Vice President of Engineering at Cenzic, Inc. Scheduled Date(s)/Time(s): Wednesday, February 16 11:10 AMRed Room 104Session Length: 50 minutes Session Abstract: This talk will present state-of-the-art web-based malware attacks and describe how the techniques used have evolved over time. Learn how today’s attackers use additional mechanisms to inject malicious code, conduct multiple injections into a single web page, use multi-DOM node injections, foil first generation web-based malware scanners and rely on social engineering technologies.Prerequisite knowledge Attendees should have a general understanding of web application security and malware threats.Session learning objectives Attendees will gain increased awareness of drive-by-downloads, and how they have morphed over time, as well as an understanding of modern drive-by-download techniques. To support this, we will provide code samples of new, modern-day drive-by-download attacks and highly technical information. We will also provide pointers to freely available resources, including a Twitter data feed that can be used by attendees and webmaster to stay on top of the newest drive-by-download infection types.I’ll highlight more of these as I dig deeper.–Bill Brenner Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe