Featured Articles

Intel releases tiny 3G cell modem

Intel releases tiny 3G cell modem

Intel has released a 3G cellular modem with an integrated power amplifier that fits into a 300 mm2 footprint, claiming it…

More...
Braswell 14nm Atom slips to Q2 15

Braswell 14nm Atom slips to Q2 15

It's not all rosy in the house of Intel. It seems that upcoming Atom out-of-order cores might be giving this semiconductor…

More...
TSMC 16nm wafers coming in Q1 2015

TSMC 16nm wafers coming in Q1 2015

TSMC will start producing 16nm wafers in the first quarter of 2015. Sometime in the second quarter production should ramp up…

More...
Skylake-S LGA is 35W to 95W TDP part

Skylake-S LGA is 35W to 95W TDP part

Skylake-S is the ‘tock’ of the Haswell architecture and despite being delayed from the original plan, this desktop part is scheduled…

More...
Aerocool Dead Silence reviewed

Aerocool Dead Silence reviewed

Aerocool is well known for its gamer cases with aggressive styling. However, the Dead Silence chassis offers consumers a new choice,…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Tuesday, 22 April 2008 06:45

Obama for President site hacked over weekend

Written by David Stellmack

Image

Users redirected to Clinton’s site


Over the weekend Democratic Presidential contender Senator Barack Obama’s campaign Website was hacked and visitors to the Obama site were redirected to his rival’s site, Senator Hillary Clinton.  Apparently, a cross-site scripting vulnerability in the social networking section of Obama’s campaign site was exploited, according to researchers.

Anti-fraud company, Netcraft Ltd. Indicated that a user identified only as "Mox" admitted the hack in the Community Blogs section on the Obama site this past Sunday. Cross-site scripting vulnerabilities, which are often exploited by identity thieves and phishers, allow attackers to add malicious code into legitimate pages. Mox claims that the cross-site scripting bug has now been patched.

The Obama camp was not happy with the Mox behavior and the “all is well” comment, however. Supporters of Obama can create their own blogs and read others’ postings in The Community Blogs section of the Obama site. Users must register on the site to access Community Blogs, but vulnerabilities still remain on the site. The additional vulnerabilities caught by Netcraft apparently haven’t eliminated all of the risk.

A 22-year-old security researcher who co-manages an online archive of cross-site scripting attacks on vulnerable sites, Dimitris Pagkalos, claims Obama's site still has two unpatched bugs. Pagkalos also claims that bugs could be used to infect Obama supporters and site visitors with malware, unsolicited adware or identity-stealing spyware.

The Pennsylvania Democratic Party Presidential Primary is this week, and the statistics indicate just a few percentage points difference between Obama and Clinton. Tampering with either candidate’s site or interrupting traffic flow could have a big effect on the availability of information for undecided voters who might be seeking information from that candidate’s Website. Let’s hope both of these Presidential candidates have now brought in the big IT guns to address and fix vulnerabilities on their Websites.

Last modified on Tuesday, 22 April 2008 09:04

David Stellmack

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments