Main PHP-Nuke Site Compromised
Source: ThreatPost - Posted by Alex   
Latest News If you're using PHP-Nuke, you almost deserve what you get. That application has a very sordid security history. The main site for the PHP-Nuke content management system software has been compromised and is serving malicious iFrame exploits to visitors. Researchers at Websense found that the site is currently serving several different exploits. The attack uses the common iFrame-redirection technique to hijack users' browsers and send them off to a malicious site. The code on that site is highly obfuscated and contains exploits for three separate vulnerabilities, two in Internet Explorer and one in Adobe Reader.

The first attack tries to exploit a four-year-old flaw in Internet Explorer. If that part of the attack works, it downloads a Trojan onto the victim's machine. The malware then tries to connect to several Web sites, the researchers said.

Read this full article at ThreatPost

Only registered users can write comments.
Please login or register.

Powered by AkoComment!