Websense Discovers Thousands of Sites, Including U.N.’s, Compromised in Massive Javascript Attack

Posted on
Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

<strong>San Diego &mdash; April 23</strong><br />Highlighting the need for adaptive, real-time Web security, Websense Inc. announced that the Websense Security Labs researchers were the first to discover that hundreds of thousands of legitimate Web sites with "good" reputations, including some United Nations and U.K. Government Web sites, have been compromised with a massive Javascript injection attack aimed at stealing user information. Websense Web security customers and their essential information were immediately protected. <br /><br />This attack method highlights a growing number of attacks that take advantage of the flaws in traditional security that relies on signatures and Web reputation to protect customers. By infecting hundreds of thousands of well-trafficked, well-known Web sites simultaneously, attackers only need a window of a few hours to get a large number of potential victims. Web users and organizations without real-time protection are vulnerable. <br /><br />Websense, with its global Websense ThreatSeeker Network that includes an Internet "HoneyGrid" that discovers and analyzes billions of disparate pieces of Internet content everyday, rapidly identifies newly infected sites as they are compromised and often even before they are compromised, protecting customers and their essential information in real time. <br /><br />This well-orchestrated, widespread attack appears to be from the same group that launched a similar one in March 2008 in which tens of thousands of well-known Web sites were infected with malicious links, and due to noted similarities in attack method, the group may be connected to the Dolphin Stadium Super Bowl compromise of 2007. <br /><br />In the current attack, in addition to the thousands of new Web sites that have been targeted, the group is also using previously compromised Web sites from the March attack that have not been cleaned to host the malicious code. <br /><br />"This attack seeks to exploit users who trust that their favorite, legitimate Web sites are safe," said Dan Hubbard, vice president of security research at Websense. "Unfortunately, we believe that attacks that target popular Web sites, those with the most unique visitors, will be on the rise. In this rapidly changing threat environment, organizations must have Web security that can adapt to threats in real time." <br />

Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone
cmadmin

ABOUT THE AUTHOR

Posted in Archive|

Comment: