Articles about iframe redirection

The Register breaking news

Attacks spread malware with help from AppleInsider

Malware purveyors are exploiting web vulnerabilities in appleinsider.com, lawyer.com, news.com.au and a dozen other sites to foist rogue anti-virus on unsuspecting netizens. The ongoing attacks are notable because they use exploits based on XSS, or cross-site scripting, to hide malware links inside the URLs of trusted sites. …
Dan Goodin, 16 Dec 2009
The Register breaking news

Mass web infections spike to 6 million pages

An estimated 5.8 million pages belonging to 640,000 websites were infected with code designed to launch malware attacks on visitors, according to a report released Tuesday. The numbers, compiled over the third quarter by security firm Dasient, represent a significant jump in number of legitimate websites that have been …
Dan Goodin, 27 Oct 2009
The Register breaking news

Thousands of sites loaded with potent malware cocktail

Cybercriminals have laced about 2,000 legitimate websites with a potent malware cocktail that surreptitiously attacks people who browse to them, a security researcher warned Friday. Unlike past outbreaks of the mass web attack known as Gumblar, this round actually plants exploit code on the website servers themselves. …
Dan Goodin, 16 Oct 2009
The Register breaking news

Mozilla service detects insecure Firefox plugins

Mozilla has introduced a service that checks Firefox browser plugins to make sure they don't have known security vulnerabilities or incompatibilities. The service debuted on Tuesday with this page, which checks 15 plugins to make sure they're the most recent versions. Over time, Mozilla developers plan to scan additional …
Dan Goodin, 14 Oct 2009
The Register breaking news

Adobe relieves Reader and Acrobat update blues

Adobe Systems has introduced a new software updater for its Reader and Acrobat applications, one of several additions released Tuesday to protect users against a growing wave of malware attacks. The new updater was included in in the latest versions of Reader and Acrobat, which Adobe released to fix almost 30 security …
Dan Goodin, 13 Oct 2009
The Register breaking news

Google shares malware samples with hacked site admins

Google has rolled out a feature that provides webmasters of compromised sites with samples of malicious code and other detailed information to help them clean up. The search giant has long scanned websites for malware while indexing the world wide web. When it detects outbreaks, it includes language in search results that …
Dan Goodin, 13 Oct 2009
The Register breaking news

Twitter bans security maven for sharing naughty link

A well known security researcher was banished from Twitter for more than two days for including the address of a malicious website in a two-month-old dispatch. On Tuesday, Mikko Hypponen, chief research officer for anti-virus provider F-Secure, found his Twitter account suspended with no explanation. Every one of his tweets …
Dan Goodin, 9 Oct 2009
The Register breaking news

Botnet caught red handed stealing from Google

A recently discovered botnet has been caught siphoning ad revenue away from Google, Yahoo! and Bing and funneling it to smaller networks. According to researchers at Click Forensics, computers that are part of the so-called Bahama Botnet are infected with malware that sends them to counterfeit search pages instead of the real …
Dan Goodin, 9 Oct 2009
The Register breaking news

10,000 Hotmail passwords mysteriously leaked to web

Updated Login credentials for more than 10,000 Microsoft Live accounts have been posted to the internet, most likely by miscreants who found them or harvested them in a phishing attack. In all, there were 10,028 pairs of user names and passwords posted to multiple pages of public upload website Pastebin.com, some of which remained …
Dan Goodin, 5 Oct 2009
The Register breaking news

Mozilla unveils cure for Web 2.0 world run amok

The Mozilla Foundation has unveiled an early version of its Firefox browser that it says could virtually eliminate one of the most common attack forms now menacing the web. It implements an inchoate technology the foundation calls CSP, short for the Content Security Policy specification. It allows web developers to embed a …
Dan Goodin, 3 Oct 2009
The Register breaking news

Google (finally) adds protection for common Web 2.0 attack

Google has beefed up the security of Gmail and its other services by adding a feature to login pages that blocks one of the more common forms of web attacks. The upgrade is designed to protect against CSRF, or cross-site request forgery, attacks. The technique subverts basic website defenses by exploiting the often-misplaced …
Dan Goodin, 2 Oct 2009
The Register breaking news

Google results flog millions of compromised webpages

Two ongoing scams are tricking Google and other search engines into prominently displaying millions of compromised webpages that attempt to hijack end users' computers or steal their credit card numbers, researchers said. One of the attacks is being used to direct people searching the web to an online store hawking pirated …
Dan Goodin, 1 Oct 2009
The Register breaking news

Malware torrent delivered over Google, Yahoo! ad services

Some of the web's bigger websites were flooded with a torrent of malicious banner ads after cyber crooks managed to sneak them onto syndication services operated by Google, Yahoo, and a third company, according to a security firm. The ads - which attacked previously-patched vulnerabilities in Adobe's PDF Reader and Microsoft's …
Dan Goodin, 24 Sep 2009
The Register breaking news

Email-stealing worm slithers across LiveJournal

LiveJournal's security team has disabled some media features on the blogging site after a quick-spreading worm stole user email addresses and caused entries designated as private to be available to everyone. The self-propagating exploit spread to users who were logged in and did nothing more than view a LiveJournal posting …
Dan Goodin, 23 Sep 2009
The Register breaking news

Hardware biz issued trojan-laced drivers, says researcher

A maker of hardware for computer gamers has taken its support site offline following a report that it was surreptitiously distributing malware on its downloads section. Carlsbad, California-based Razer took the precautionary move after Rik Ferguson, a senior security adviser in Europe with anti-virus firm Trend Micro, warned …
Dan Goodin, 21 Sep 2009
The Register breaking news

Linux webserver botnet pushes malware

A security researcher has discovered a cluster of infected Linux servers that have been corralled into a special ops botnet of sorts and used to distribute malware to unwitting people browsing the web. Each of the infected machines examined so far is a dedicated or virtual dedicated server running a legitimate website, Denis …
Dan Goodin, 12 Sep 2009
The Register breaking news

Firefox to warn users of insecure Adobe Flash

Upcoming versions of Mozilla's Firefox browser will automatically warn users running versions of Adobe's Flash Media Player that contain known security bugs, according to a published report. The check will be invoked each time the popular open-source browser is updated, according to the report which was published Thursday by …
Dan Goodin, 4 Sep 2009
The Register breaking news

Apple security lags (again) with critical Java patches

Comment Apple is once again playing security catch-up to the rest of the computing world, this time with an update for the Leopard version of its Mac operating system that patches critical holes in Java that were fixed on competing systems 29 days ago. The patch updates Leopard to Java versions 1.6.0_15, 1.5.0_20, and 1.4.2_22, which …
Dan Goodin, 4 Sep 2009

Create a news alert about iframe redirection, or find more stories about iframe redirection.

Biting the hand that feeds IT © 1998–2018