July 21, 2008

Cenzic to Present on “Xploiting Google Gadgets: Gmalware and Beyond” at Black Hat 2008

Cenzic Inc., the leading provider of application security assessment and risk management solutions, today announced its Senior Security Analyst, Tom Stracener, will be presenting on "Xploiting Google Gadgets: Gmalware and Beyond" at Black Hat USA 2008 in Las Vegas on Wednesday, August 6.

This talk will analyze the security history of Google Gadgets and demonstrate ways to exploit Gadgets for nefarious purposes. Google Gadgets are the applications created to run within other applications like email or on an iGoogle homepage that hackers can use to attack a PC or network. Mr. Stracener has already ported various JavaScript attack utilities to Google Gadgets (like PDP's JavaScript port scanner) and will demonstrate ways to create Gadgets that allow you to port scan internal systems and conduct various JavaScript hacks via malicious gadgets. This presentation will also disclose a "zero day" vulnerability in Google Gadgets that makes Gmalware a significant threat.

 What:  Cenzic to present on "Xploiting Google Gadgets: Gmalware and Beyond" Who:   The session will feature Tom Stracener for Cenzic, Inc. along with        acclaimed hacker Robert Hansen (RSnake) CEO of SecTheory LLC. When:  Wednesday, August 6, at 3:15 p.m. PDT URL:   To register, or for more information, please visit:        http://www.blackhat.com 

About Cenzic

Cenzic is the next-generation Web application security assessment and risk management solutions leader. The Cenzic suite of application security solutions fits the need of any company from remote, Software as a Service (ClickToSecure(R)), for testing one or more applications, to a full enterprise-wide solution (Cenzic Hailstorm(R) Enterprise ARC) for effectively managing application security risks across an enterprise. Always an innovator, Cenzic has integrated Hailstorm with VMware to enable testing of production Web applications through virtualization -- making Cenzic the only company in the industry with a complete solution for assessing Web applications in all stages from development to production. In addition, Cenzic solutions, targeted at financial services, e-retail, high-tech, energy, healthcare and government sectors, are the most accurate, comprehensive and extensible in the industry, empowering organizations to stay on top of unrelenting application security threats.

 Contact Information: Tami Casey Kulesa Public Relations/for Cenzic (650) 340-1984 Email Contact

SOURCE: Cenzic