Urgent New Domain: jueduizuan [dot] com

Posted on May 7th, 2008 in iframes by dglosser

From SANS Internet Storm Center:

UPDATE: We’re also see this website serving up some attacks in connection with this SQL Worm (hxxp://bbs.jueduizuan.com)

Iframes are evil.

  • There needs to be an option on web servers to explicitly allow external iframes to be served.
  • The list needs to be manually added to an apache/IIS/other web server config file.
  • Web browsers need to have serving of external iframes  disabled by default, with the user being required to explicitly allow them

Urgent DNS-BH Update: SQL Injection Worm

Posted on May 7th, 2008 in iframes,New Domains by dglosser

The following domains are now active:

winzipices [dot] cn
cnzz [dot] com
51 [dot] la
ajiang [dot]

So what can be done to fight this iframe epidemic??