New IE Flaw Exploited on Porn Sites
Now we did warn you, and I quote:
Especially if you go to “those” sites. Yes, you. Stop pretending you don’t know what I’m talking about.
For the record “those sites” are porn and gambling. So you poker addicts are next. And you file sharers- don’t start thinking you’re all safe or something. Those torrent trackers are web pages you know.
Of course Disney World fingerprints everyone these days, so maybe they’ll pick this up.
Reader interactions
One Reply to “We Did Warn You, Didn’t We…”
The trend of the month seems to be cross-site scripting and embedding attacks into trusted websites. Cross site scripting (XSS) is a form of attack where the attacker takes advantage of poorly programmed web pages and can embed his or her own code in the page to go after your browser (a seriously simple explanation, check out Wiki for more). MITRE (they speak CVE!) called cross-site scripting the number 1 vulnerability of all time (in terms of volume). Dark Reading reports a number of major sites hacked recently this way. Possibly hundreds of sites hosted on HostGator were hacked (not with cross site scripting) and code inserted (using an iframe for you geeks) to infect anyone with the temerity to visit the sites using Internet Explorer (we DID warn you).