Recently, a financial portal moneycontrol.com leader suffered iFrame injection attack. information security professionals of the vulnerabilities mitigated portal. iframe tags are used to embed links to other sites on a website. IFrame injection is a form of cross site scripting attacks where hackers inject iframe tag in a web page. The tags you can download malicious files and infect the website and related databases. Visitors to the iFrame injection site are redirected to a fraudulent website with malicious files. Next, the user's browser is loaded with exploits to insert Trojan horses and viruses on their computer systems.
web development defects can lead to backdoor or security holes that hackers are waiting to exploit. financial portals and blog sites are some of the common objectives of iFrame attacks as they enjoy regular visits by users and contain large user database. These attacks require the application of computer forensic techniques to find out the cause of the attack and the collection of evidence. IT security professionals usually make use of ethical hacking to identify and mitigate vulnerabilities.
iFrame attacks can result in compromise of sensitive customer information, the alteration of databases and access to privileged information. information security professionals may limit the iFrame attacks by carrying out security checks, the identification and elimination of unauthorized iframe tags and codes in the content. They can also identify and delete iframe tags, which direct to an unknown site or suspicious. Following the discovery of an attack, all the passwords for the database and associated web site must be changed immediately. Infected files on the website can be deleted and replaced by a new file or backup copy of the old content.
Organizations must make a periodic evaluation of the entire IT infrastructure to identify potential carriers which may assist hackers to launch attacks and launch the security measures.
0 Komentar