Microsoft blames hackers, not vulnerability, for web attack

Tuesday, 29 June 2004, 12:44 PM EST

The Web attack that was stopped dead in its tracks on Friday when a Russian Web site was taken offline remained under investigation Monday by a host of security firms still puzzled over the method used to infect a number of Microsoft Internet (news - web sites) Information Services servers.

But the evidence now is leading them to accept Microsoft's explanation that the IIS 5.0 servers were hacked manually and that the server software doesn't have an unknown vulnerability.

"Nobody yet knows how these servers were infected," said Ken Dunham, director of malicious code research at iDefense. "But if it was a widespread vulnerability, how come there weren't more servers infected? If that was the case, we should have heard reports by now about lots of other computers" being infected with the malicious JavaScript code.

By Gregg Keizer at TechWeb News

[ Read more ]




Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //