republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Trend Micro Hacked - Serving Malicious Iframes
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AV Programs - most users?! »
« Security Software Updates 22 Mar 2008  

EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage

Re: Trend Micro Hacked - Serving Malicious Iframes

Good find -

Based on that incident, I'm glad I have NoScript enabled. This goes to demonstrate that "trusted sites" can still serve up malware.

It shoots down the often-repeated assumption that "careful browsing" is the silver bullet that eliminates the need for security tools.
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... )
permalink · 2008-03-14 01:42:40 · Reply to this

Bubba17
Less is More
Premium
join:2006-09-21

Re: Trend Micro Hacked - Serving Malicious Iframes

said by EGeezer See Profile :

This goes to demonstrate that "trusted sites" can still serve up malware.
Frustrating. I operate a locked-down IE7 .. greatly utilizing the trusted/NOT scheme.

Presently, should KIS7's web protection component fail to detect a trusted(s) compromise .. there is no second line.
--
"Fast is fine, but accuracy is everything" --Wyatt Earp
permalink · 2008-03-15 10:13:33 · Print · Reply to this

EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage

Re: Trend Micro Hacked - Serving Malicious Iframes

The infection of legitimate and normally trusted websites also brings mitigation and recovery to the forefront. If one assumes that at some point they may be breached, then they can start putting together a response and recovery plan. One example is a mini-TTX where we "pretend" that our PC has been hacked, corrupted, logins stolen, ID and CC info captured etc. and our recent available backups may be suspect. From that point, practice or develop a response and document as needed.

Although this PPT relates to school and organizational training, many of the tips for planning and doing the exercise are applicable.
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... )
permalink · 2008-03-15 12:14:38 · Print · Reply to this

webscanner

@web123.com
said by Bubba17 See Profile :

Frustrating. I operate a locked-down IE7 .. greatly utilizing the trusted/NOT scheme.

Presently, should KIS7's web protection component fail to detect a trusted(s) compromise .. there is no second line.
Does the web scanner of *any* antivirus program really offer any needed protection?

If the antivirus program is going to catch the threat, would it not catch it just as well without the use of a web scanner?

I have often wondered if including a web scanner in an antivirus program was more marketing hype than truly being useful. Am I wrong?
permalink · 2008-03-23 11:17:22 · Print · Reply to this

JTM1051
Premium,MVM
join:2000-07-08
Moorpark, CA
said by EGeezer See Profile :

...Based on that incident, I'm glad I have NoScript enabled. This goes to demonstrate that "trusted sites" can still serve up malware. ...
Ditto; using Fx with NoScript and all the "Additional restrictions for untrusted sites " (NoScript's Options > Plugins) enabled.

Since I only use IE for few sites that need/work best with IE, easy for me to lock down IE using customized settings for Trusted Sites, all other security zones set to max high settings.

Also using Online Armor's "Run Safer" setting for Fx, Opera and IE.
permalink · 2008-03-23 14:13:37 · Print · Reply to this
Forums » Up and Running » Security » SecurityAV Programs - most users?! »
« Security Software Updates 22 Mar 2008  

Sunday, 29-Nov 20:10:08 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [124] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [96] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [81] Weekend Open Thread
· [80] TiVo Sees Record Customer Losses
· [79] Verizon CEO: Hulu Will Be Dead Soon
· [69] In-Flight Internet Headed For Bumpy Landing?
· [63] Thanksgiving Open Thread
· [41] ICANN Slams DNS Redirection
Most people now reading
· Grey Cup on the Web? [Canadian Chat]
· Are GPS's better today? [General Questions]
· Is Easynews down? [Filesharing Software]
· [Newsgroups] Newzleech down? [Filesharing Software]
· Windows 7 boot manager editing questions [Microsoft Help]
· Surfers beware !!! [TekSavvy]
· Why does it take so long? Mail question [General Questions]
· [HD] hd updates for the Reading, Pa area [Comcast Cable TV]
· Windows 7 - Dell ALPS Touchpad driver [Microsoft Help]