Monthly Archives: January 2011

security

Widgets or IFrame hacks, how would we know?

A particular aspect in IT security is injecting malware into websites. Often leading to so-called “drive by downloads“. This malware is often inserted due to a browser vulnerability which gets executed by, say, Javascript. The latter is usually “inserted” in a legitimate website using a hidden <IFRAME> tag or similar.

How can this be stopped? Modern websites include, because of widgets, several external Javascripts onto their own sites. When going to the gadget popular website engadget.com, a total of 17 hosts are contacted… read more »