Featured Articles

Apple announces its Apple Watch

Apple announces its Apple Watch

Apple has finally unveiled its eagerly awaited smartwatch and surprisingly it has dropped the "i" from the brand, calling it simply…

More...
Skylake 14nm announced

Skylake 14nm announced

Kirk B. Skaugen, Senior Vice President General Manager, PC Client Group has showcased Skylake, Intel’s second generation 14nm architecture.

More...
Apple officially announces 4.7-inch iPhone 6 and 5.5-inch iPhone 6 Plus

Apple officially announces 4.7-inch iPhone 6 and 5.5-inch iPhone 6 Plus

The day has finally come and it appears that most rumors were actually spot on as Apple has now officially unveiled…

More...
CEO: Intel on target for 40m tablets

CEO: Intel on target for 40m tablets

Intel CEO Brian Krzanich just kicked off the IDF 2014 keynote and it started with a phone avatar, some Katy Perry…

More...
Aerocool Dead Silence reviewed

Aerocool Dead Silence reviewed

Aerocool is well known for its gamer cases with aggressive styling. However, the Dead Silence chassis offers consumers a new choice,…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Tuesday, 22 April 2008 06:45

Obama for President site hacked over weekend

Written by David Stellmack

Image

Users redirected to Clinton’s site


Over the weekend Democratic Presidential contender Senator Barack Obama’s campaign Website was hacked and visitors to the Obama site were redirected to his rival’s site, Senator Hillary Clinton.  Apparently, a cross-site scripting vulnerability in the social networking section of Obama’s campaign site was exploited, according to researchers.

Anti-fraud company, Netcraft Ltd. Indicated that a user identified only as "Mox" admitted the hack in the Community Blogs section on the Obama site this past Sunday. Cross-site scripting vulnerabilities, which are often exploited by identity thieves and phishers, allow attackers to add malicious code into legitimate pages. Mox claims that the cross-site scripting bug has now been patched.

The Obama camp was not happy with the Mox behavior and the “all is well” comment, however. Supporters of Obama can create their own blogs and read others’ postings in The Community Blogs section of the Obama site. Users must register on the site to access Community Blogs, but vulnerabilities still remain on the site. The additional vulnerabilities caught by Netcraft apparently haven’t eliminated all of the risk.

A 22-year-old security researcher who co-manages an online archive of cross-site scripting attacks on vulnerable sites, Dimitris Pagkalos, claims Obama's site still has two unpatched bugs. Pagkalos also claims that bugs could be used to infect Obama supporters and site visitors with malware, unsolicited adware or identity-stealing spyware.

The Pennsylvania Democratic Party Presidential Primary is this week, and the statistics indicate just a few percentage points difference between Obama and Clinton. Tampering with either candidate’s site or interrupting traffic flow could have a big effect on the availability of information for undecided voters who might be seeking information from that candidate’s Website. Let’s hope both of these Presidential candidates have now brought in the big IT guns to address and fix vulnerabilities on their Websites.

Last modified on Tuesday, 22 April 2008 09:04

David Stellmack

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments