Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3114
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 3044
Total: 3046









Author Topic: Google to offer webmasters samples of malware code (injected HTML, Java, Flash)  (Read 2710 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Aids in site clean-up process.

Google announced this week that it will provide certain website administrators with samples of malicious code found on their sites to help them clear the infection.

The new feature is part of Google's free Webmaster Tools suite that was launched in 2005 and helps webmasters improve their sites' search ranking, diagnose website problems, and share information with each other.

Google traditionally has notified website owners if their properties are harboring malware. But under the new initiative, the search giant will provide registered members of Webmaster Tools with samples of malicious code found on their sites.

The samples that are detected on sites “typically take the form of injected HTML tags, JavaScript or embedded Flash files”, Google engineer Lucas Ballard said on the company's Online Security Blog this week.

The new feature will allow website administrators to identify hacker code on their sites, but it won't help explain how it got there, Jeremiah Grossman, founder and CTO of WhiteHat Security, told SCMagazineUS.com.

“They will be able to clean up the pages, but re-infection would [likely] happen within days,” Grossman said.

Ballard said webmasters should consider the new feature “just a starting point in their site cleanup process.” Beyond just removing the malicious code, administrators should also determine and fix the vulnerability that attackers exploited to inject the site with malware, he recommended.

Grossman said Google is slowly and consistently making security gains. "They are not resting on their laurels.”

Undertaking this service makes sense considering Google does not want users who trust its search results to visit sites infected with malware, Grossman said. That could cause reputational harm for Google.

Last year, Google began notifying certain webmasters if their sites are running out-of-date web server software that could provide an open door for hackers.

(SCMagazine)

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023