TechTarget

Security experts warn that malicious code lurks in web caches

Security experts have warned of malicious code residing in cached web pages on servers used by ISPs, search engines and businesses.

Security experts have warned of malicious code residing in cached web pages on servers used by ISPs, search engines...

and businesses.

Web security firm Finjan identified several instances of malicious code found on public storage and caching servers in its Web Security Trends Report for third quarter of 2006.

Chief technology officer Yuval Ben-Itzhak warned, “This malicious code can be referenced by third-party web pages and can be used to exploit an end-user’s machine. Even if the malicious site has been taken down, its malicious content is still stored and served by the caching servers.”

He added, “The exploit can result in the installation of Spyware, Trojans, and other malware that compromise a user’s privacy and identity.”

Ben-Itzhak warned that storage and caching servers “could unintentionally become the largest ‘legitimate’ storage venue for malicious code”.

Finjan has provided technical details to ISPs and search engine firms.

The third quarter report also points to new use of Web 2.0 and Ajax (Asynchronous JavaScript and XML) technologies for malicious activities. These technologies are designed to produce a better web experience for Internet users, but Ben-Itzhak warned that they could also provide new ways to propagate malware.

 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close