31 3 / 2008
Once again, IFrame injection attacks are ramping up [security]
Looks like this iFrame hack issue is still at large and getting larger…but Dancho Danchev is on it. This past Friday, Dancho touched on the fact that Symantec has raised the rating of this issue; and as of late, more high profile websites have joined the victim list, including Walmart.com, ABCNews.com WebShots.com and even Forbes.com. One cool thing about Dancho’s blog is that he points out where these attacks are originating. I touched on the QA side of security testing on my previous post. If this keeps up, Google may want to investigate a way to parse cached data, or nip changes to cached data by checking timestamps, or find some ability to help kill this nusiance.
Side note: As I try to improve my knowledge of information security, and how it can be supported by QA (especially after I earn my CISSP), I discovered another resource. Take a moment and visit Security Uncorked, it’s another valued added blog that I highly recommend.
