Mass-injection Attack News, Articles and Updates
Another mass SQL injection attack, similar to "Liza Moon" from earlier this year, is impacting more than a million websites.
More than three million web pages have been compromised with malware as part of a mass IFRAME injection attack targeting unpatched versions of the open source e-commerce framework, OSCommerce, researchers at web application security firm Armorize have warned. The attack, which appears to originate in the Ukraine, has affected 3.8 million sites, which are running OSCommerce version 2.2 and earlier. Those who visit an affected site are pointed to the malicious domains willysy.com or exero.eu. After a series of redirects, users end up at a domain that attempts to exploit multiple web browser and PDF vulnerabilities, and install a variant of SpyEye.
Researchers are not sure how many websites have been compromised but said new Asprox botnet attacks are underway.
Another round of IFRAME infections has compromised tens of thousands of legitimate websites.
SC Magazine Articles
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- Blasphemy! Godless malware preys on nearly 90 percent of Android devices
- 'Password attacks' continue; Citrix becomes latest victim
- Dangerous connections: Risky LinkedIn behavior runs rampant, finds survey
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- CEO sacked after aircraft company grounded by whaling attack
- Wendy's POS breach 'considerably' bigger than first thought
- Microsoft warns of new, self-propagating ransomware in the wild
- No hacking required: Israeli researchers show how to steal data through PC components
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- Google encryption flaw could allow video piracy
- IRS implements new authentication safeguards