http://blogs.technet.com/b/security/arc ... often.aspx" onclick="window.open(this.href);return false;
I have been following tools like blackhole.zeroaccess - this was a good article to get caught up on drive-by attacks.
"During the first half of 2013, websites that run the open-source Apache HTTP Server displayed the highest rate of drive-by download incidence, with 6.4 registered domains hosting drive-by download sites per 1,000 registered domains running Apache web servers. The prevalence of drive-by download sites on the Apache platform might be related to the spread of the so-called “Darkleech” exploit kit, discovered in April 2013, which targets the Apache HTTP Server. “Darkleech” attacks add malicious inline frames to webpages hosted on compromised Apache web servers.
The open-source Nginx web server displayed the second highest rate of drive-by download incidence (4.8 per 1,000 registered domains), followed by Microsoft Internet Information Services (IIS) for Windows Server (3.9 per 1,000 registered domains). All other web server platforms, each of which were used by less than 1 percent of registered domains worldwide, collectively displayed a drive-by download incidence rate of 3.5 per 1,000 registered domains.
--
This aforementioned article contains detailed advice for developers and IT Professionals on how to help manage the risk related to drive-by download attacks: What You Should Know About Drive-By Download Attacks – Part 2."
DNR
Drive-By Download Attack Article
Drive-By Download Attack Article
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: Drive-By Download Attack Article
LMAO this gave me nightmares last night .......