ICT Security-Sécurité PC et Internet

About.com has a huge security problem, but it's likely worse for the over 98 million monthly visitors to the About Group's various topic-specific subdomains.

A security researcher disclosed Monday that "at least 99.88%" of all topic links and all domains related to About.com are vulnerable to open XSS (Cross Site Scripting) and Iframe Injection (Cross Frame Scripting, XFS) attacks.

According to the researcher's findings and proof-of-concept results, all subdomains of About.com are affected.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=iFrame-Injection

- http://www.scoop.it/t/securite-pc-et-internet/?tag=XSS

A simple mistake on the part of cyber attackers has revealed another mass malicious iFrames injection attack that is currently under way, according to Armorize's researchers.

Initially, they forgot to include a tag before the actual malicious code, so it was indexed by Google and, therefore, searchable. The initial number of compromised domains was around 22,400, with a total of 536,000+ infected pages.

The Linux root kit targets 64-bit Linux platforms and uses advanced techniques to hide itself, and infects the websites hosted on attacked HTTP server working to launch drive-by download attacks.

“It's an outstanding sample, not only because it targets 64-bit Linux platforms and uses advanced techniques to hide itself, but primarily because of the unusual functionality of infecting the websites hosted on attacked HTTP server - and therefore working as a part of drive-by download scenario,” commented Marta Janus, a Kaspersky Lab Expert who examined the rootkit sample.

===> “This rootkit, though it's still in the development stage, shows a new approach to the drive-by download schema and we can certainly expect more such malware in the future.” <===

Read more:

http://www.securityweek.com/linux-rootkit-found-launching-iframe-injection-attacks