| Anonyma 2007-03-31, 7:20 pm |
| The Sans Institute has raised the "Infocon Alert" to yellow. They only do
that when an exploit becomes widespread. From this morning's web page (
http://www.isc.sans.org ) they give their reasons:
> * Exploit code has been publicly released which allows trivial modification to add any arbitrary payload.
> * The number of malicious sites reported is rising rapidly, limiting the efficacy of blacklisting.
> * The number of compromised sites pointing to malicious sites is also on the rise.
If you host webpages or are a webmaster, webmistress, or webenuch, make
sure that all the custom cursors you call out are really yours. In many
cases custom cursor callouts are the only changes made by criminals to
hacked web sites.
This is not a little script kiddy exploit and has the earmarks of serious
criminal activity.
|