Blog Posts Tagged with "iFrame Injection"
Thousands of Sites Hacked with Plesk Zero Day Exploit
July 10, 2012 Added by:Headlines
"What is interesting is that most of our clients always used to be using CMSs (like WordPress, Joomla, etc), but lately we are seeing such a large number of just plain HTML sites getting compromised and when we look deeper, they are always using Plesk..."
Comments (0)
Symantec: Blackhole Exploit Kit Upgrade Revealed
July 03, 2012 Added by:Headlines
"The Blackhole JavaScript code on compromised sites now dynamically generates pseudo-random domains, based on the date and other information, and then creates an iframe pointing to the generated domain... The code then creates a hidden iframe, using the previously-generated domain as the source..."
Comments (0)
Symantec: Internet Explorer Zero-Day Exploit in the Wild
June 18, 2012 Added by:Headlines
"While the exploit used in this attack has been referred to as being a zero-day due to reports of it being seen in the wild before the recent Security Bulletin Summary, zero-days are not commonly observed in attacks... this begs the question: will we see more zero-days being used in similar attacks?"
Comments (0)
Following the Trail of Web-Based Malware
December 15, 2011 Added by:Mark Baldwin
The main.php script contained javascript that attempted to exploit several potential vulnerabilities. I downloaded the script and analyzed it. By inserting an “alert” statement into the script prior to the actual execution of the code, we can get a good idea of what the script does...
Comments (0)
Geek.com Spreading Malware via Invisible iFrame
May 18, 2011 Added by:Headlines
The main page of the site - including the "Homepage" and the "About Us" section - contain an invisible iframe with JavaScript downloaded from sites contaminated by a custom set of exploits. The malicious code attempts to take advantage of vulnerabilities on the end user’s machine...
Comments (1)
IBM's DeveloperWorks Website Hacked
January 12, 2011 Added by:Headlines
IBM's DeveloperWorks website was breached by hackers over the weekend. The messages left by the hacker(s) read: "Defaced by Hmei7," and, "You have been Hacked !!!, not because of your stupidity That's because we love you, and we want to warn you That your web still has large of vulnerability."
Comments (0)
Home Depot Website Hack
January 11, 2011 Added by:Mark Baldwin
While the iframe in the Home Depot website is not currently a threat, the vulnerability that allowed it to be inserted into the page may still be present. I attempted to contact Home Depot to inform them of this issue, but as of this writing I have not received a response...
Comments (19)
Java Applet Distributes Trojan via Downloader Injection
December 31, 2010 Added by:Headlines
More than two-thousand weblinks direct users to domains that can inject malicious code by way of a Java downloader applet. The code is contained in the HTML of the infected sites, and infects the visitor's computers with a hidden iFrame containing a JavaScript function...
Comments (1)
Ligatt Site Still Vulnerable to Basic Code Injections
October 07, 2010 Added by:K.S. Abhiraj
The iframe injection is a kind of injection of one or more iframe tags into a page's content. The iframe can typically do many malicious things, such as downloading an executable application that containing malware which may directly compromise a visitor's system...
Comments (2)
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers