Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us

    Earlier this month, you may recall that there were several reports of a large-scale compromise of thousands of Web pages (some search results indicate upwards of ~100,000 pages) via a mass SQL injection attack, which placed malicious JavaScript redirects to malware. These Web pages included those belonging to Fortune 500 corporations, state government agencies, and schools.

    Today, we see yet another example that it is not only small or isolated Web sites that are affected (or targeted), but also popular trade-press Web sites with a very large readership. We were alerted to the fact that BusinessWeek was also compromised in a similar fashion, since it has the identical malicious JavaScript that has been surreptitiously inserted into at least one page on their website.

    This is just an illustration of how serious this problem really is — Web site administrators must do a much, much better job to ensure that their Web sites are secure. Otherwise, they run the risk of unwittingly exposing their readers to serious malicious threats that could result in personal financial loss, identity theft, or worse.

    Unfortunately, we seem to be seeing that the problem with compromised Web sites is getting worse, not better, and the Internet experience and trust factor for the casual user will suffer as a result.

    Note: We’ve contacted BusinessWeek and alerted them of the problem. Let’s hope they get it cleaned up and fix the original vulnerability so it doesn’t happen again.

    “Fergie”, a.k.a. Paul Ferguson
    Internet Security Intelligence
    Advanced Threats Research





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice