Featured Articles

TSMC: Volume production of 16nm FinFET in 2H 2015

TSMC: Volume production of 16nm FinFET in 2H 2015

TSMC has announced that it will begin volume production of 16nm FinFET products in the second half of 2015, in late…

More...
AMD misses earnings targets, announces layoffs

AMD misses earnings targets, announces layoffs

AMD has missed earnings targets and is planning a substantial job cuts. The company reported quarterly earnings yesterday and the street is…

More...
Did Google botch the Nexus 6 and Nexus 9?

Did Google botch the Nexus 6 and Nexus 9?

As expected, Google has finally released the eagerly awaited Nexus 6 phablet and its first 64-bit device, the Nexus 9 tablet.

More...
Gainward GTX 970 Phantom previewed

Gainward GTX 970 Phantom previewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
EVGA GTX 970 SC ACX 2.0 reviewed

EVGA GTX 970 SC ACX 2.0 reviewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Tuesday, 22 April 2008 06:45

Obama for President site hacked over weekend

Written by David Stellmack

Image

Users redirected to Clinton’s site


Over the weekend Democratic Presidential contender Senator Barack Obama’s campaign Website was hacked and visitors to the Obama site were redirected to his rival’s site, Senator Hillary Clinton.  Apparently, a cross-site scripting vulnerability in the social networking section of Obama’s campaign site was exploited, according to researchers.

Anti-fraud company, Netcraft Ltd. Indicated that a user identified only as "Mox" admitted the hack in the Community Blogs section on the Obama site this past Sunday. Cross-site scripting vulnerabilities, which are often exploited by identity thieves and phishers, allow attackers to add malicious code into legitimate pages. Mox claims that the cross-site scripting bug has now been patched.

The Obama camp was not happy with the Mox behavior and the “all is well” comment, however. Supporters of Obama can create their own blogs and read others’ postings in The Community Blogs section of the Obama site. Users must register on the site to access Community Blogs, but vulnerabilities still remain on the site. The additional vulnerabilities caught by Netcraft apparently haven’t eliminated all of the risk.

A 22-year-old security researcher who co-manages an online archive of cross-site scripting attacks on vulnerable sites, Dimitris Pagkalos, claims Obama's site still has two unpatched bugs. Pagkalos also claims that bugs could be used to infect Obama supporters and site visitors with malware, unsolicited adware or identity-stealing spyware.

The Pennsylvania Democratic Party Presidential Primary is this week, and the statistics indicate just a few percentage points difference between Obama and Clinton. Tampering with either candidate’s site or interrupting traffic flow could have a big effect on the availability of information for undecided voters who might be seeking information from that candidate’s Website. Let’s hope both of these Presidential candidates have now brought in the big IT guns to address and fix vulnerabilities on their Websites.

Last modified on Tuesday, 22 April 2008 09:04

David Stellmack

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments