dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
855

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

3 recommendations

Cudni

MVM

Exploit Sat on LA Times Website for 6 Weeeks

from
»krebsonsecurity.com/2013 ··· 6-weeks/
"...
The Los Angeles Times has scrubbed its Web site of malicious code that served browser exploits and malware to potentially hundreds of thousands of readers over the past six weeks.
.."

time it took to neuter aside, further confirmation of how javascript (used as a entry vector) should be controlled always

Cudni

therube
join:2004-11-11
Randallstown, MD

therube

Member

> redirecting visitors to a third-party Web site

Who cares.

By default NoScript blocks JavaScript from running from any not allowed web site. And this specific not allowed (or any, for that matter - now how about that!) "third-party Web site" is covered by that.
Well gee, that was easy.
Protected.
(At the least from JavaScript exploits from those domains.)

Plus we have all those scanning (you name it: websites, like Google, & A/V programs that scan websites, & those websites that specifically scan other websites looking for exploits, all those "safe or trustworthy" scanners - WOT, McAfee, Safe Browsing Diagnostic, hpHost Report, Webmaster Tips Site Information, & on & on ...) & guess what, none of them picked up this malware on LAT, & so they did little or nothing in protecting you in that regard.

So go ahead, put your trust in WOT, heh.

(Reading further, quickly, I see that AVAST did pick up on something, so it may have helped somewhat?)

goalieskates
Premium Member
join:2004-09-12
land of big

goalieskates to Cudni

Premium Member

to Cudni
Right on top of things, aren't they?

not ...

EUS
Kill cancer
Premium Member
join:2002-09-10
canada

EUS to therube

Premium Member

to therube
Avast dutifully notified me last night by way of another popup that this news story had occurred.
I hate it. I hope I cancelled the right notification in settings, or I won't be notified if something actually bad has occurred on my machine.
/Broken record re: Avast & Popups

antdude
Matrix Ant
Premium Member
join:2001-03-25
US

antdude to Cudni

Premium Member

to Cudni

LA Times Cleans Up Website, but over 320,000 Have Been Exposed

»news.softpedia.com/news/ ··· 88.shtml from »www.bluesnews.com/cgi-bi ··· d=139119 ...
Secyurityet
Premium Member
join:2012-01-07
untied state

Secyurityet to Cudni

Premium Member

to Cudni

Re: Exploit Sat on LA Times Website for 6 Weeeks

I love their second response, essentially "nobody's personal information was compromised by our vendor's site, so no harm, no foul."

Maybe, except for the five hours per computer spent trying to clean the malware off...
HELLFIRE
MVM
join:2009-11-25

HELLFIRE

MVM

Welcome to IT, namely, are the hours 24/7?
quote:
“Of course.”
Overtime pay?
quote:
“This isn’t McDonald’s. We don’t pay by the hour.”
Compensation for overtime / above and beyond performance?
quote:
“No. That’s just part of the job.”
Total hours worked on average?
quote:
“We’re team players. We don’t count hours.”
Regards