Being cautious on the web…



Incidents.org is reporting on the defacement of a security related web site (winsnort.com). They say they usually decline to comment on those because the attention is what the defacers thrive on. However, it does pay to keep your browser updated and antivirus current. What’s more…. Several days ago there was the news that the President of Iran now has a blog (which is ironic in many ways given the restrictions they place on internet use….) But… anyway, I figured he is getting his propaganda tool our and ready in advance of the UN showdown over the nuclear program. Well, it turns out that some have noticed an interesting gift from the visit to Mr. Ahmadinejad’s site….


According to the post, if visiting the site from Israel and attempting to click on a link she received a Norton Antivirus warning about an IE exploit attempt. From the screenshots the ip was 62.220.121.131 and the exploit was tagged as “HTTP MS IE File DragDrop Embed Code” attack. It did check out to be an Iranian IP address according to her research and the link she describes as being from the www.ahmadinejad.ir to www.khamenei.ir

I can’t seem to confirm any exploit here in the US, however I just may not be lucky. Can anyone outside of Israel corroborate this? Or is this just targetted at Israeli IP’s? Or, is there another explanation? Be cautious out there.

Edit— BTW, the IP address above seems to be the www.khamenei.ir site which is “Grand Ayatollah Seyyed Ali Khamenei official website – I.R.R.C.I”. This is one of the links from the site of Ahmadinejad.

Patches for this vulnerability have been out for some time…. MS045-038 is supposed to address the problem.

–UPDATE 8/15/06–

Some are suggesting that the activity seen was a false positive. Some information on that here. Also there is news that Israeli hackers shut down the site for a time (DoS I suppose).

Related Posts

Blog Traffic Exchange Related Posts
  • Phishing - so many flaws to exploit so little time In the last week there was a well documented writeup of a cross site scripting vulnerability which had allowed a phisher to pose as a paypal login with THE LEGIT PAYPAL SSL CERTIFICATE.... Brian Krebs at the Security Fix has some details on some of the new and interesting ways......
  • OTHER Sony DRM software has security flaws too. You almost want to bury your head in the sand at this point if you're Sony.... Freedom-to-tinker has some details. The last couple weeks the XCP copy protection that Sony uses has been the center of a Firestorm for rootkit capabilities and massive security problems. Well, it seems the OTHER......
  • Protecting yourself from Phishing attacks OK - well if you know what phishing is. You may already be ahead of the game. By now you've probably seen the messages. From:security@yourbank.com to:youremailaddress@isp.com subject:Security breach of your account text: It has come to our attention that there have been numerous ip addresses attempting to access your account......
Blog Traffic Exchange Related Websites
  • Getting Backlinks To Your Site No doubt one of the most important things you can do for yourself if you are building  network marketing blogs is getting links back to your site. To be honest with you Network Marketing is a very hard keyword phrase to get ranked for.  If you are just getting started......
  • Reciprocal Link Building - Double The Web Traffic To Your Site Reciprocal Link Building - Double The Web Traffic To Your Site Reciprocal reciprocal link building is one of the best ways to attract a substantial amount of web traffic to your site. In this process, you have to exchange link with another high traffic website. You start the process by......
  • Where is my 2008 Tax Refund? Check the status of your Federal Refund with the IRS' “Where’s my Refund” I had previously discussed meeting with my accountant, why I wasn’t a huge fan of my account and receiving the news of my New York & Federal income tax refund.  Well its been a while, or at......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site