US Department of Labor website hacked, serves malware, now fixed

U.S. Department of Labor site was hacked on May Day, which is Labour Day in much of the world, but not in the United States, where Labour Day is celebrated in September. The attack used a malicious JavaScript file to get your browser to download a file called bookmark.png. The malicious JavaScript then uses the function called helo() in the script above in an effort to trigger the. remote code execution vulnerability in Internet Explorer 8. Microsofts EMET (threat mitigation tool) can be used to protect IE 8. Sophos products detect the malicious components as listed below.”]

Source: https://nakedsecurity.sophos.com/2013/05/02/us-department-of-labor-website-hacked-serves-malware-now-fixed/

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text