Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Javascript injection attacks compromise high profile sites.

Forcepoint : 24 April, 2008  (Technical Article)
Infection of good reputation web-sites highlights the need for the right tools to protect against the growing number of sources of malicious code.
Highlighting the need for adaptive, real-time Web security, Websense has announced that the Websense Security Labs researchers were the first to discover that hundreds of thousands of legitimate Web sites with "good" reputations, including some United Nations and UK Government Web sites, have been compromised with a massive Javascript injection attack aimed at stealing user information. Websense Web security customers and their essential information were immediately protected.

This attack method highlights a growing number of attacks that take advantage of the flaws in traditional security that rely on signatures and Web reputation to protect customers. By infecting hundreds of thousands of well-trafficked, well known Web sites simultaneously, attackers only need a window of a few hours to get a large number of potential victims. Web users and organisations without real-time protection are vulnerable. Websense, with its global, Websense ThreatSeekerâ„¢ Network, which includes the world's first Internet "HoneyGrid" that discovers and analyses billions of disparate pieces of Internet content every day, rapidly identifies newly infected sites as they are compromised and often even before they are compromised, protecting customers and their essential information in real-time.

This well-orchestrated, widespread attack appears to be from the same group that launched a similar one in March 2008 in which tens of thousands of well known Web sites were infected with malicious links, and due to noted similarities in attack method, the group may be connected to the Dolphin Stadium Super Bowl compromise of 2007. In the current attack, in addition to the thousands of new Web sites that have been targeted, the group is also using previously compromised Web sites from the March attack that have not been cleaned, to host the malicious code.

"This attack seeks to exploit users who trust that their favourite, legitimate Web sites are safe," said Dan Hubbard, vice president of security research, Websense. "Unfortunately, we believe that attacks that target popular Web sites—those with the most unique visitors—will be on the rise. In this rapidly changing threat environment, organisations must have Web security that can adapt to threats in real-time."

The Websense ThreatSeeker Network adaptive security technologies and processes are designed to continuously monitor the Internet for changes and emerging threats. The resulting intelligence is immediately incorporated into the company's Web security, email security and data loss prevention solutions. As a result, Websense is able to adapt to the rapidly changing Internet at speeds not possible by traditional security solutions and basic Web filtering solutions.

Details of the threats Websense recently discovered can be accessed on the Websense Security Labs Web site.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo