Well this past week, another large scale hacking of legitimate sites including some belonging to the UN, the UK government, .edu sites, and many travel sites to name just a few.  The hack includes a re-direct that pointed visitors to the exploited sites to some servers in China and ran 8 exploits including MS07-004 for IE.  This has now become a more common exploit that attacks trusted sites then it can direct it to the criminal attackers bad websites.  The two sites it pointed to were IP’s that belonged to China.  Surprise!

Just do a Google search with these sites and you will see how wide spread the problem is.  Search on these but don’t go to any of these sites.   nihaorr1.com, and haoliuliang.net.

The lessons learned here are these.  No longer can we say there is something called trusted sites.  I use the Firefox browser and use an add-on called “NoScript”.  Check it out.  It allows you to control what JavaScript runs and what doesn’t.  And of course patching is VERY important.  Patch your Microsoft software, your Firefox browser, QuickTime, iTunes, RealPlayer, WinZip, Adobe Reader, Adobe Flash, and any other software that you use.  Here are the facts.  Due to crappy programming, the Computer Security field is going strong.  This is the core problem.  Not any easy answers here to solve but you can doe the things mentioned above.

Stay safe out there and I’ll be posting another story later this weekend.  I’ve been busy and haven’t had too much time.  We have been tracking this particular story where I work and I wanted to pass this along to you also.  Rock Chalk Jayhawk GO KU!!!  And remember, North Carolina Tarheel fans don’t have to listen to any of my advice.

Possibly related posts: (automatically generated)