"InfoWorld reports on a new potential ploy for stealing Web user's private information: Researcher has found that by placing a new type of hybrid file on Web sites that let users upload their own images, they can circumvent security systems and take over Web surfers' accounts. 'They call this type of file a GIFAR, a contraction of GIF (graphics interchange format) and JAR (Java Archive), the two file-types that are mixed. At Black Hat, researchers will show attendees how to create the GIFAR while omitting a few key details to prevent it from being used immediately in any widespread attack.'"
http://it.slashdot.org/it/08/08/01/184220.shtml
http://www.infoworld.com/article/08/08/01/A_photo_that_can_steal_your_online_credentials_1.html
http://it.slashdot.org/it/08/08/01/184220.shtml
http://www.infoworld.com/article/08/08/01/A_photo_that_can_steal_your_online_credentials_1.html