lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <b787ce30803060812j58c7365dxf960c9f2b9f2b32a@mail.gmail.com>
Date: Thu, 6 Mar 2008 08:12:54 -0800
From: "Dancho Danchev" <dancho.danchev@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: More CNET Sites Under IFRAME Attack

With the recent IFRAME injection attack targeting ZDNet Asia, by
abusing the site's search engine caching capabilities in a combination
with the lack of input sanitization, several more CNET Networks' web
properties besides ZDNet Asia, namely, TV.com, News.com and
MySimon.com are currently getting targeted using the same technique to
inject the IFRAMEs and have the sites cache and locally host the
results. The following assessement outlines the IPs and domains used
in the IFRAMEs, the domains and IPs hosting the rogue anti-virus and
anti-spyware applications, as well as the detection rates of the
applications.

http://ddanchev.blogspot.com/2008/03/more-cnet-sites-under-iframe-attack.html

Regards
-- 
Dancho Danchev
Cyber Threats Analyst/Blogger
http://ddanchev.blogspot.com
http://windowsecurity.com/Dancho_Danchev

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ