Re: Trend Micro Hacked - Serving Malicious Iframes

Author	All Replies
EGeezer Go Bobcats Premium join:2002-08-04 Country! ·Callcentric ·RoadRunner Cable ·AT&T CallVantage	reply to SUMware Re: Trend Micro Hacked - Serving Malicious Iframes Good find - Based on that incident, I'm glad I have NoScript enabled. This goes to demonstrate that "trusted sites" can still serve up malware. It shoots down the often-repeated assumption that "careful browsing" is the silver bullet that eliminates the need for security tools. -- Mayors of New York come from nowhere and go nowhere. Wallace Sayre (apparently, so do governors... )
	to forum · permalink · · 2008-03-14 01:42:40 ·
Bubba17 Less is More Premium join:2006-09-21	said by EGeezer : This goes to demonstrate that "trusted sites" can still serve up malware. Frustrating. I operate a locked-down IE7 .. greatly utilizing the trusted/NOT scheme. Presently, should KIS7's web protection component fail to detect a trusted(s) compromise .. there is no second line. -- "Fast is fine, but accuracy is everything" --Wyatt Earp
Bubba17 Less is More Premium join:2006-09-21	to forum · permalink · · 2008-03-15 10:13:33 ·
EGeezer Go Bobcats Premium join:2002-08-04 Country! ·Callcentric ·RoadRunner Cable ·AT&T CallVantage	The infection of legitimate and normally trusted websites also brings mitigation and recovery to the forefront. If one assumes that at some point they may be breached, then they can start putting together a response and recovery plan. One example is a mini-TTX where we "pretend" that our PC has been hacked, corrupted, logins stolen, ID and CC info captured etc. and our recent available backups may be suspect. From that point, practice or develop a response and document as needed. Although this PPT relates to school and organizational training, many of the tips for planning and doing the exercise are applicable. -- Mayors of New York come from nowhere and go nowhere. Wallace Sayre (apparently, so do governors... )
	to forum · permalink · · 2008-03-15 12:14:38 ·
webscanner @web123.com	reply to Bubba17 said by Bubba17 : Frustrating. I operate a locked-down IE7 .. greatly utilizing the trusted/NOT scheme. Presently, should KIS7's web protection component fail to detect a trusted(s) compromise .. there is no second line. Does the web scanner of any antivirus program really offer any needed protection? If the antivirus program is going to catch the threat, would it not catch it just as well without the use of a web scanner? I have often wondered if including a web scanner in an antivirus program was more marketing hype than truly being useful. Am I wrong?
webscanner @web123.com	to forum · permalink · 2008-03-23 11:17:22 ·
JTM1051 Premium,MVM join:2000-07-08 Moorpark, CA	reply to EGeezer said by EGeezer : ...Based on that incident, I'm glad I have NoScript enabled. This goes to demonstrate that "trusted sites" can still serve up malware. ... Ditto; using Fx with NoScript and all the "Additional restrictions for untrusted sites " (NoScript's Options > Plugins) enabled. Since I only use IE for few sites that need/work best with IE, easy for me to lock down IE using customized settings for Trusted Sites, all other security zones set to max high settings. Also using Online Armor's "Run Safer" setting for Fx, Opera and IE.
JTM1051 Premium,MVM join:2000-07-08 Moorpark, CA	to forum · permalink · · 2008-03-23 14:13:37 ·


Wednesday, 25-Nov 23:34:41	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF