Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Finjan advice on hidden malicious web code

Finjan Software : 01 December, 2008  (Technical Article)
Dynamic code analysis protection software enables users to safely surf and avoid falling victim to obfuscated malware on web sites
Finjan has warned Internet users to be on their guard, following an apparent compromised web page on one of the sub-domains on the CBS.com portal.

"The cybercriminals, who compromised one of the sub-domains under CBS.com, appear to have added a malicious obfuscated script to the infected page. The injected script then dynamically injects an IFrame that pulls malware from a remote server locating in Russia." said Yuval Ben-Itzhak, Finjan's CTO.

Fortunately for CBS site visitors, Finjan reports that actions were already taken to turn that Russian server offline.

Finjan CTO says the company's MCRC - Malicious Code Research Centre - has notified CBS of the problem and the team expects the page in question to be taken offline and/or replaced with the original data.

'This saga confirms our many previous warnings that obfuscated code posing a serious threat to Internet users' PCs. Our Threats Reports have continued to identify the increasing use of code obfuscation as a means of bypassing traditional signature-based solutions in order to propagate malware,' he said.

'This saga illustrates the popularity of malicious obfuscated code as a weapon of choice by criminal hackers. It also highlights the fact that no Web portal, no matter how high ranking, can be totally secure against a system hack and consequent infection of its visitors. Web users need to exercise caution at all times,' he added.


Finjan's security tips and notes to prevent infection:.

For businesses:.

1 Install a Secure Web Gateway to protect valuable data from being compromised by malware.
2 Finjan is offering free Malware Detection Audits to organisations with over 1,000 users.
3 Consider the use of a secure platform when accessing Web 2.0 sites.


For consumers:.

1 Use Finjan's SecureBrowsing browser plug-in to make the right decisions when browsing the Web
2 Exercise caution when accessing Web 2.0-enabled sites - eg Social Networking portals, wikis and blogs.
3 Do not rely just on signature-based IT security applications.


For all users:.

1 The preferred way to stop dynamically obfuscated code and similar types of advanced hacking techniques is to analyse and understand the code embedded within Web content on-the-fly before it reaches the user.

2 Proactive, behaviour-based IT security technology performs in-depth analysis of each and every piece of content, regardless of its original source.

3 This analysis breaks the code into parts, understands the execution path and the functions' call flow.

4 As a result, these solutions can identify code that is about to perform a malicious or suspicious operation, and block it at the perimeter, rather than allowing it to enter the network and relying on desktop security.

5 This type of proactive security is akin to having an `expert system' in a box,' safeguarding users from even the most devious attack techniques, such as those disclosed in this and previous Finjan reports.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo