恶意网站在上升

击键记录者被发现在2500年初以来,恶意的博客和网站的05年,据Websense安全实验室。罪犯停车账户的恶意软件,他们打开博客网站和雅虎等免费服务。交通驱动他们像其他mass-delivered恶意软件通过同样的方式,但也可以出现在搜索,因为它们定位在网上像什么。我必须承认,当我第一次阅读Websense新闻稿,我思考如果这可能是一个问题对于我的个人博客网站。有多容易被黑客攻击,拥有和使用继电器这样卑鄙的恶意软件?它还没有发展到那一步。但是记住我的话,它就会发生。同时,托管服务提供商需要得到他们的行为在一起,丹·哈伯德说,高级主管,安全研究,Websense。“服务提供商应该限制上传流量类型,它将允许在网站,”他说。“允许图片,HTML和文本,但不允许可执行文件”。Since most of these malicious accounts are opened with automated software, ISPs registration process should include some type of authentication that requires a user to see something on the registration page and use that image to authenticate. And there's the obvious: hosting facilities should run antivirus on all their hosting servers and keep signatures up to date. As for users? The first duh is don't click links in unsolicited mail. If you execute something, you've already told your computer to let it in, which happens the instant a vulnerable browser lands at the malicious site. Which brings me to point #2. Keep your patches updated, particularly on your browsers -- all browsers, not just Internet Explorer. And of course, run that anti-virus continually with automated updates turned on.