Sign up to stay up to date.
(If you have your own story to relate about malvertising, especially if you have inside knowledge from the perspective of an advertising network, please email me asap — I’m not hard to find. I have plent of material to fill the session, but it’s more fun with more people talking.)
In recent years, the Star Tribune, New York Times, and Fox News web sites have been abused in well-publicized FakeAV scareware campaigns. During a snow emergency last year, the WCCO and KARE11 web sites were serving up more serious malware that attracted little attention outside the security community.
If you’re not the Times, you don’t need to worry so much about becoming a target of choice, but you may be a target of opportunity. So please:
Things IT shops do to defend against web-based attacks from legitimate web sites:
Some of the above have implications for web developers. Certain “domain by proxy” services are popular with the bad guys and might make you look guilty by association.
Minnebar 6 (2011-05-07)