Practical Reflected File Download and JSONP

This week introduced us to a new web attack vector, which the researcher dubbed "Reflected File Download" [RFD] . It's a very interesting attack which has potential to do some severe damage, especially in social engineering contexts. Full details of the reflected file download attack can be found here: http://blog.spiderlabs.com/2014/10/reflected-file-download-the-white-paper.html While reading through the white … Continue reading Practical Reflected File Download and JSONP

Advertisements