http://www.computerworld.com/s/article/9177904/Mass_Web_attack_hits_Wall_Street_Journal_Jerusalem_Post By Robert McMillan IDG News Service June 9, 2010 Internet users have been hit by a widespread Web attack that has compromised thousands of Web sites, including Web pages belonging to the Wall Street Journal and the Jerusalem Post. Estimates of the total number of compromised Web sites vary between 7,000 and 114,000, according to security experts. Other compromised sites include Servicewomen.org and Intljobs.org. Cisco Systems' Web-tracking subsidiary, ScanSafe, started following the incident two days ago, said Mary Landesman, a senior security researcher with Cisco. Somehow, the hackers have posted malicious HTML code on the affected Web sites that redirects victims to a malicious Web server. This server tries to install software on Web visitors' computers. If it's successful, the software gives the criminals a way to remotely control their victims' PCs. Security researchers are still gathering data on the attacks, but they suspect that hackers used what's known as an SQL injection attack to trick the Web sites into running database commands, which ultimately gave the hackers a way of installing their malicious HTML. [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Wed Jun 09 2010 - 23:27:39 PDT
This archive was generated by hypermail 2.2.0 : Wed Jun 09 2010 - 23:37:06 PDT