Login

Username:

Password:

 
Lost Password?
Register now!


Did you know?
What is Keyboard Input Disguise?



Random FAQ
Can I transfer my license to another Domain Name?

Vulnerabilities & Exploits : UN AIDS site target of new 'vulnerability scan' attack
Posted by glm on 2008/12/22 18:14:58 (28 reads)





By :Negar Salek


Aug 29, 2007 9:57 AM




Researchers at Websense have warned that the ‘Youandaids HIV/AIDS portal for Asia Pacific’ - a division of the UN AIDS initiative became the target of new hacker technique yesterday.

The method scans for multiple un-patched Microsoft vulnerabilities in an aim to install a back-door Trojan, according to Joel Camissar managing director A/NZ at Websense.

“Rather than looking for one exploit – which is the norm - it looks for several and hones in on one to then install a Trojan horse,” said Camissar.

“When the Web site is visited, a malicious JavaScript file (e.js) is executed. Site visitors infected with this malicious code will have a Trojan downloaded and backdoor installed on their desktops,” according to a Websense advisory.

First discovered on 17th August, the technique was used to attack a prominent Indian bank and a US biotechnology company, said Camissar.

“And this campaign is hosted by the same group,” he added.



Source from:


Other articles
2009/2/4 23:20:16 - Cloud computing is a storage spot for malware
2009/2/4 23:20:15 - Microsoft responds to Windows 7 security gripe
2009/2/4 23:20:12 - Web identity hijacking on the rise
2009/2/4 23:20:12 - Google glitch puts surfers in a quandary
2009/2/4 23:20:11 - Facebook plays down privacy concerns
2009/2/4 23:20:10 - Australian Computer Society to use Sophos security solution
2009/2/4 23:20:09 - Google working on fix for clickjacking vulnerability in Chrome
2009/2/4 23:20:08 - McAfee: Malware will use web and USB sticks to spread in 2009
2009/2/4 23:20:07 - With economy in tailspin, Monster discloses major breach
2009/2/4 23:20:06 - OS X 'pirate' trojan resurfaces
2009/2/4 23:20:05 - IE 8 approaching on formal release
2009/2/4 23:20:04 - Companies warned over use of Netbooks
2009/2/4 23:20:03 - Trend Micro signs up with BigFix
2009/2/4 23:17:08 - Banks urged to change security policies
2009/2/4 23:17:08 - Heartland incident provides opportunity to standardise data breach notification laws

The comments are owned by the poster. We aren't responsible for their content.

Articles