Hackers exploit poor website code
section: common, for your questions: KezNews forum, 14.4.2008
Web designers making very old mistakes are letting malicious hackers hijack visitors to their sites, say experts.
Many of the loopholes left in the code created for websites have been known about for almost a decade say the security researchers.
The poor practices are proving very attractive to hi-tech criminals looking for a ready source of victims.
According to Symantec the number of sites vulnerable in this way almost doubled during the last half of 2007.
Wholly vulnerable
Kevin Hogan, director of security operations at Symantec, said the bug-ridden web code was putting visitors to many entirely innocent sites at risk.
"It overturns the whole notion that if you stay away from gambling and porn sites you are okay," he said.
The attack that a malicious hacker can carry out via these web code vulnerabilities is known as cross-site scripting (abbreviated as XSS).
Typically these involve lax control of the data being swapped between a web server and the browser program someone is using to interact with it.
An XSS vulnerability could, for instance, allow attackers to steal the login credentials of a visitor to a site.
source:
news.bbc.co.uk
Send link 2 friend | Permalink
MORE RELATED ARTICLES:
Hackers quickly move to exploit Bhutto assassination || Microsoft Connect Website Updated || Microsoft lures Linux Hackers || Hackers Open Up Mac OS X Leopard for PC || Even with Vista SP1, Hackers Still Crack Windows Genuine Advantage
Comments(1)
lol been there and done that
Add a Comment
Hahahaha
By l33t on 17.04.2008 - 18:04