The Little Hybrid Web Worm That Could presented at Blackhat USA 2007

by John Terrill,

Tags: Security Web

Summary : The past year has seen several web worms
attacks against various online applications. While these worms have
gotten more sophisticated and made use of additional technologies like
Flash and media formats, they all have some basic limitations such as
infecting new domains and injection methods. These worms are fairly
easily detected using signatures and these limitations have made web
worms annoying, but ultimately controllable. Often the source website
simply fixes a single flaw and the worm dies.