Picture this: You're innocently surfing the Web, checking your favorite baseball team's stats, when all of a sudden the browser closes and you get a warning that your system may be infested with a virus. Oooh, bad! Better scan, right? Wrong! You didn't ask for that scan, and it doesn't have your best interests at heart. At best the scan will complete with a list of scary viruses and demand cash to remove them. At worst it will actually plant malicious software on your system. So how do you recognize and avoid this kind of chicanery? A recent video by Roger Thompson of Exploit Prevention Labs walks through the experience step by step.
Thompson's video shows exactly what the attack looks like and shows just how it happens. The root cause is that modern Web sites draw content from all over, and it's easy for a sneak to slip in content that's not what the site owner expected. This type of attack isn't stopped by antivirus, and HTML traffic comes in right through the firewall. To protect against this sort of attack, you need something that can analyze the code on a Web page and identify exploits of this sort--something like LinkScanner Pro from Thompson's own company.
Friday, July 17, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment