 CudniLa Merma - VigiladoPremium,MVM
join:2003-12-20
Someshire
kudos:13 | Exploit Sat on LA Times Website for 6 Weeeks from
»krebsonsecurity.com/2013/02/expl···6-weeks/
"...
The Los Angeles Times has scrubbed its Web site of malicious code that served browser exploits and malware to potentially hundreds of thousands of readers over the past six weeks.
.."
time it took to neuter aside, further confirmation of how javascript (used as a entry vector) should be controlled always
Cudni
--
"what we know we know the same, what we don't know, we don't know it differently."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2012/13 |
|
 therube
join:2004-11-11
Randallstown, MD | > redirecting visitors to a third-party Web site
Who cares.
By default NoScript blocks JavaScript from running from any not allowed web site. And this specific not allowed (or any, for that matter - now how about that!) "third-party Web site" is covered by that.
Well gee, that was easy.
Protected.
(At the least from JavaScript exploits from those domains.)
Plus we have all those scanning (you name it: websites, like Google, & A/V programs that scan websites, & those websites that specifically scan other websites looking for exploits, all those "safe or trustworthy" scanners - WOT, McAfee, Safe Browsing Diagnostic, hpHost Report, Webmaster Tips Site Information, & on & on ...) & guess what, none of them picked up this malware on LAT, & so they did little or nothing in protecting you in that regard.
So go ahead, put your trust in WOT, heh.
(Reading further, quickly, I see that AVAST did pick up on something, so it may have helped somewhat?) |
|
|
|
| reply to Cudni
Right on top of things, aren't they?
not ... |
|
 EUSKill cancerPremium
join:2002-09-10
canada
 ·voip.ms
| reply to therube
Avast dutifully notified me last night by way of another popup that this news story had occurred.
I hate it. I hope I cancelled the right notification in settings, or I won't be notified if something actually bad has occurred on my machine.
/Broken record re: Avast & Popups
--
~ Project Hope ~ |
|
 antdudeA Ninja AntPremium,VIP
join:2001-03-25
United State
kudos:4
 ·RoadRunner Cable
| reply to Cudni
LA Times Cleans Up Website, but over 320,000 Have Been Exposed »news.softpedia.com/news/LA-Times···88.shtml from »www.bluesnews.com/cgi-bin/board.···d=139119 ... |
|
| reply to Cudni
Re: Exploit Sat on LA Times Website for 6 Weeeks I love their second response, essentially "nobody's personal information was compromised by our vendor's site, so no harm, no foul."
Maybe, except for the five hours per computer spent trying to clean the malware off... |
|
| Welcome to IT, namely, are the hours 24/7?
quote:
“Of course.”
Overtime pay?
quote:
“This isn’t McDonald’s. We don’t pay by the hour.”
Compensation for overtime / above and beyond performance?
quote:
“No. That’s just part of the job.”
Total hours worked on average?
quote:
“We’re team players. We don’t count hours.”
Regards |
|
