An Interest In:
Web News this Week
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
- April 18, 2024
- April 17, 2024
- April 16, 2024
Some of Our Sources
- Web Designer Wall
- Pearsonified
- Spoon Graphics
- Fuel Your Creativity
- FanExtra - PSD
- Wal You
- Web Resource Source
- Daily Now
- Dev To
- TechPowerUp
Help Webnuz
Referal links:
October 15, 2017 12:00 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/foYN_3xiZW4/not-just-equifax-rival-site-transunion-served-malware-too----and-1000-more-sites
Not Just Equifax. Rival Site Transunion Served Malware Too -- and 1,000 More Sites
An anonymous reader quotes Ars Technica:Equifax isn't the only credit-reporting behemoth with a website redirecting visitors to fake Adobe Flash updates. A security researcher from AV provider Malwarebytes said transunioncentroamerica.com, a TransUnion site serving people in Central America, [was] also sending visitors to the fraudulent updates and other types of malicious pages... Malwarebytes security researcher Jerome Segura says he was able to repeatedly reproduce a similar chain of fraudulent redirects when he pointed his browser to the transunioncentroamerica.com site. On some occasions, the final link in the chain would push a fake Flash update. In other cases, it delivered an exploit kit that tried to infect computers with unpatched browsers or browser plugins... "This is not something users want to have," Segura told Ars... Equifax on Thursday was quick to say that its systems were never compromised in the attacks. TransUnion said much the same thing. This is an important distinction in some respects because it means that the redirections weren't the result of attackers having access to restricted parts of either company's networks. At the same time, the incidents show that visitors to both sites remain much more vulnerable to malicious content than they should be. Both sites hosted fireclick.js, an old script from a small web analytics company which pulls pages from sites like Akamai, SiteStats.info, and Ostats.net. "It appears that attackers have compromised the third-party library," writes BankInfoSecurity, adding that Malwarebytes estimates over a 1,000 more sites are using the same library.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/foYN_3xiZW4/not-just-equifax-rival-site-transunion-served-malware-too----and-1000-more-sites
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot