Wednesday, May 7th, 2008
A loyal ISC reader, Rob, wrote in to point us at what looks to be a SQL Injection worm that is on the loose. From a quick google search it shows that there are about 4,000 websites infected and that this worm started at least mid-April if not earlier. Right ...
Posted in Coding, Internet, Privacy, Security | No Comments
Friday, April 11th, 2008
Up to 80% of Web sites flagged as malicious by antivirus and search engine indexes are legitimate businesses, according to security experts.
Experts said while the security industry is on top of conventional spam and phishing attacks, more effort needs to be put into preventing and eliminating so-called drive-by-downloads.
The attacks allow ...
Posted in Internet, Security | No Comments
Wednesday, April 2nd, 2008
Injected iframes into legitimate sites are becoming more and more common these days. One of the latest targets is a Chinese government site at www.zhangzhu.gov.cn:
Please note that while the site adminstrators have been notified, the injected iframe is still present in the site at the time of this posting.
The iframe ...
Posted in Coding, Internet, Security | No Comments
Friday, March 28th, 2008
Last week's massive IFRAME injection attack is slowly turning into a what looks like a large scale web application vulnerabilities audit of high profile sites. Following the timely news coverage, Symantec's rating for the attack as medium risk, StopBadware commenting on XP Antivirus 2008, and US-CERT issuing a warning about ...
Posted in Coding, Internet, Privacy, Security | No Comments
