Stolen FTP credentials likely in massive web attacks

From SearchSecurity (Rob Westervelt)
Stolen FTP credentials are suspected as the root cause of a massive attack compromising over 40,000 web sites.
Attackers have targeted legitimate websites in the latest wave, and so far researchers at security vendor Websense Inc. say it isn’t likely that SQL injection, cross-site scripting or other website vulnerabilities are to blame. Instead, the attackers are easily injecting malicious JavaScript code into sites by logging in with stolen usernames and passwords.  Read the full story [techtarget.com]

From SearchSecurity (Rob Westervelt)

Stolen FTP credentials are suspected as the root cause of a massive attack compromising over 40,000 web sites.

Attackers have targeted legitimate websites in the latest wave, and so far researchers at security vendor Websense Inc. say it isn’t likely that SQL injection, cross-site scripting or other website vulnerabilities are to blame. Instead, the attackers are easily injecting malicious JavaScript code into sites by logging in with stolen usernames and passwords.  Read the full story [techtarget.com]

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.