|
Home > News > Tags > iframe injection
|
|
30
Stories about: iframe injection |
|
|
The official website of InMobi, one of the largest independent mobile advertising networks in the world, was found to contain some serious vulnerabilities that could be exploited at any time by cybercriminals. Unfortunately, the issues are ignored by the company. According to Indian security researcher Shadab Siddiq... |
22 March 2012
15:31 GMT |
 |
|
The official site of Tanishq, one of the most famous jewelry brands in India, has been reported as containing a large number of vulnerabilities that could expose their customers to malicious operations.
Tanishq is a subsidiary of Titan Industries and it’s highly promoted by the largest conglomerate in India, t... |
20 March 2012
16:01 GMT |
|
|
Seeing that a lot of websites are plagued with Iframe Injection vulnerabilities, independent security researcher Shadab Siddiqui made up an advisory to help website administrators recover their websites after such a security hole has been exploited. He also listed some safety measures that must be implemented in orde... |
4 March 2012
02:11 GMT |
|
|
Pinterest, the pinboard social media website whose popularity increased so much that even Facebook’s CEO Mark Zuckerberg signed up, was found to contain a number of vulnerabilities that could allow an attacker to cause serious damage. Shadab Siddiqui, the security researcher that lately provided us with tons o... |
29 February 2012
14:21 GMT |
|
|
Security researchers from Armorize warn that Goal.com's security problems are not over and the website continues to infect visitors, this time with scareware.
At the beginning of this month, Armorize's web-scanning service detected a malware infection on popular soccer news site goal.com.
The company&... |
23 May 2011
05:18 GMT |
|
|
Security researchers from Armorize warn that attackers have managed to inject visitor infecting code into the popular soccer news website goal.com.According to Armorize experts, a rogue iframe has been inserted, probably through SQL injection techniques, into multiple goal.com pages including the main English one."Fr... |
3 May 2011
04:08 GMT |
|
|
The websites of BBC 6 Music and 1Xtra radios were used by hackers to exploit visitors and infect them with a dangerous banking trojan.According to security researchers from Websense, attackers exploited vulnerabilities in the two websites in order to inject a hidden iframe into them.The iframe loaded malicious conten... |
15 February 2011
12:55 GMT |
|
|
Security researchers have identified a sophisticated mass injection attack that uses polymorphic obfuscation and so far has targeted WordPress blogs at an US-based hosting provider.According to Fraser Howard, a principal virus researcher at Sophos, the attacks began a few weeks ago and they all seem to affect website... |
1 December 2010
10:55 GMT |
|
|
A Romanian security researcher has discovered multiple cross-site scripting (XSS) weaknesses in several localized MSN websites, which allow for session cookie hijacking and IFrame injection.The bugs were discovered on various websites hosted in sub-sections on ca.msn.com, fr.msn.com, be.msn.com and fi.msn.com.Cross-s... |
19 August 2010
16:22 GMT |
|
|
The support site of leading Chinese PC manufacturer Lenovo has been compromised by unknown attackers who injected a rogue IFrame into the pages over the weekend. Security researchers warn that unwary visitors looking for drivers are exposed to several exploits that install the Bredolab trojan onto their computers. Ac... |
21 June 2010
10:26 GMT |
|
|
The website of the U.S. Department of Treasury Bureau of Engraving and Printing (BEP) was compromised by unknown attackers, who rigged it to infect visitors with malware. A malicious IFrame loading exploits from a third-party domain was injected into the index page.The hack was discovered sometime on Sunday evening, ... |
4 May 2010
10:29 GMT |
|
|
Thousands of websites hosted at Network Solutions have been compromised and had their index pages injected with a malicious IFrame. This appears to be a reiteration of an attack that took place over a week ago, but targeted only WordPress-powered blogs.The new mass injection attack has been reported by Sucuri Securit... |
21 April 2010
10:37 GMT |
|
|
A former antivirus analyst ostracized by the AV community for unethical behavior is accusing Kaspersky Lab of injecting malicious code into his newly launched website. Researchers with the Russian antivirus vendor portray the former white hat as a cyber-criminal associated with the Sinowal gang.Peter Kleissner is an ... |
29 October 2009
10:15 GMT |
|
|
Security researchers warn that a new injection attack has infected thousands of websites with malicious IFrames. In order to avoid detection, the rogue IFrames get their src attribute through an onload JavaScript event. The infection was first spotted by malware analysts from antivirus vendor Sophos on the website o... |
26 October 2009
10:40 GMT |
|
|
Security researchers warn that the Gumblar Web threat has returned with a more potent version. The new iteration features serious changes in architecture, making it more resilient to takedown attempts, and also serves new exploits. In May 2009 the number of websites compromised due to a new mass Web injection attack... |
22 October 2009
07:59 GMT |
|
|
Security researchers advise that a new mass compromise attack is underway and has affected over 62,000 URLs to date. A rogue IFrame injected into the compromised Web pages loads a cocktail of exploits and malware from other domains.Web security company ScanSafe has been monitoring this new threat and advises that the... |
25 August 2009
05:52 GMT |
|
|
Websites belonging to UK's national security agency, the MI5 (Millitary Intelligence, Section 5) and the World Health Organization (WHO) have been found vulnerable to cross-site scripting attacks. The weaknesses allow attackers to inject rogue IFrames, prompt JavaScript alerts or redirect visitors to other poten... |
22 July 2009
07:33 GMT |
|
|
Torrentreactor, one of the largest torrent indexers, has been compromised by unknown attackers who injected a hidden IFrame into its pages. The IFrame loads malicious code from a remote server that attempts to exploit software on visitors' computers and infect them with malware. The incident has been reported b... |
2 July 2009
06:04 GMT |
|
|
Security researchers from Websense warn that a new wave of web injection attacks is rapidly making thousands of victims. The new complex threat, dubbed Nine-Ball, features obfuscated code, multi-level redirection, visitor filtering and attempts to exploit multiple vulnerabilities found in popular applications. This ... |
19 June 2009
08:11 GMT |
|
|
Researchers from net security company Websense warn that a particular section of the MSN Canada website has fallen victim to hackers who injected rogue code into a page used for redirection. The code is obfuscated and loads content from a domain associated with malware distribution. The msn.ca website redirects to s... |
12 June 2009
09:01 GMT |
|
|
A cross-site scripting vulnerability discovered in the website of RBS WorldPay allows attackers to launch efficient phishing attacks against customers. The same flaw can also be exploited to serve malware or prompt rogue alerts. The XSS weakness has been discovered and documented by a Team Elite member, going by the... |
23 May 2009
06:22 GMT |
|
|
Dangerous cross-site scripting vulnerabilities have been discovered in several PayPal websites, potentially facilitating phishing and other attacks. One of the proof-of-concept attacks demonstrates how an arbitrary IFrame can be injected into the PayPal merchant account registration form, over SSL. The vulnerabiliti... |
13 May 2009
06:11 GMT |
|
|
A self-confessed white-hat hacker has published proof-of-concept attacks against websites connected to global IT security vendor McAfee. XSS vulnerabilities allow for an IFrame injection and rogue redirection. Methodman, a member of the Team Elite programming outfit, has published screenshots of the flaws he found i... |
4 May 2009
05:54 GMT |
|
|
Websites belonging to Symantec and Kaspersky Labs, two of the biggest global providers of security solutions, have been found to be vulnerable to cross-site scripting attacks. Ill-intent individuals could have exploited the flaws to steal authentication cookies or inject rogue IFrames and other potentially malicious ... |
16 April 2009
07:08 GMT |
|
|
Researchers from IT communications security company Websense warn that the website of Portugal's Embassy in India has been compromised by malware distributors and is currently attempting to run exploits for no less than six vulnerabilities in different software packages. Several rogue IFrames have been injected... |
21 March 2009
07:30 GMT |
|
|
Security researchers from Sophos anti-virus warn that a malicious IFrame has been injected into the website of the Ethiopian Embassy in Washington, D.C. In an unrelated incident, the Embassies of Republic of Azerbaijan in Hungary and Pakistan have had their websites compromised in a similar manner. "The Embassy of E... |
17 March 2009
08:26 GMT |
|
|
|
|
Find us on Google+
