funsec mailing list archives
Chinese Internet Security Response Team Website Hosting Malicious Cont ent
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Tue, 2 Oct 2007 17:55:55 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via El Reg. [snip] A recent post by the team at the Chinese Internet Security Response Team to their English-language site indicates that some of the site visitors are experiencing an attack from the CISRT.org site as a result of an injected IFRAME tag. Injected IFRAME tags are not a new means of using legitimate sites to launch attacks on unsuspecting users, with a recent notable case being the Bank of India hack. What is different in this case is that the hack is only being served to seemingly random site visitors. [snip] More: http://www.theregister.co.uk/2007/10/02/chinese_internet_security_response_ team_attacked/ Note: I'm wondering if it is still hosting malicious content -- there is a lot of embedded JavaScript at that site that I just don't have time right now to examine in more detail. It is my opinion that a CERT/CSIRT webpage shouldn't be a JavaScript minefield. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHAoYlq1pz9mNUZTMRAt4sAJ0d7cZ2cbHPvpnq2MxSobUrMi3wEwCgh38/ MQARLrjVhY1YnKVmCJq28cc= =7JFn -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Chinese Internet Security Response Team Website Hosting Malicious Cont ent Paul Ferguson (Oct 02)