Featured Articles

Analysts expect ARM to do well next year

Analysts expect ARM to do well next year

British chip designer ARM could cash in on the mobile industry's rush to transition to 64-bit operating systems and hardware.

More...
Huawei and Xiaomi outpace Lenovo, LG in smartphone market

Huawei and Xiaomi outpace Lenovo, LG in smartphone market

Samsung has lost smartphone market share, ending the quarter on a low note and Xiaomi appears to be the big winner.

More...
Intel Broadwell 15W coming to CES

Intel Broadwell 15W coming to CES

It looks like Intel will be showing off its 14nm processors, codenames Broadwell, in a couple of weeks at CES 2015.

More...
Gainward GTX 980 Phantom reviewed

Gainward GTX 980 Phantom reviewed

Today we’ll be taking a closer look at the recently introduced Gainward GTX 980 4GB with the company’s trademark Phantom cooler.

More...
Zotac ZBOX Sphere OI520 barebones vs Sphere Plus review

Zotac ZBOX Sphere OI520 barebones vs Sphere Plus review

Zotac has been in the nettop and mini-PC space for more than four years now and it has managed to carve…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Tuesday, 22 April 2008 06:45

Obama for President site hacked over weekend

Written by David Stellmack

Image

Users redirected to Clinton’s site


Over the weekend Democratic Presidential contender Senator Barack Obama’s campaign Website was hacked and visitors to the Obama site were redirected to his rival’s site, Senator Hillary Clinton.  Apparently, a cross-site scripting vulnerability in the social networking section of Obama’s campaign site was exploited, according to researchers.

Anti-fraud company, Netcraft Ltd. Indicated that a user identified only as "Mox" admitted the hack in the Community Blogs section on the Obama site this past Sunday. Cross-site scripting vulnerabilities, which are often exploited by identity thieves and phishers, allow attackers to add malicious code into legitimate pages. Mox claims that the cross-site scripting bug has now been patched.

The Obama camp was not happy with the Mox behavior and the “all is well” comment, however. Supporters of Obama can create their own blogs and read others’ postings in The Community Blogs section of the Obama site. Users must register on the site to access Community Blogs, but vulnerabilities still remain on the site. The additional vulnerabilities caught by Netcraft apparently haven’t eliminated all of the risk.

A 22-year-old security researcher who co-manages an online archive of cross-site scripting attacks on vulnerable sites, Dimitris Pagkalos, claims Obama's site still has two unpatched bugs. Pagkalos also claims that bugs could be used to infect Obama supporters and site visitors with malware, unsolicited adware or identity-stealing spyware.

The Pennsylvania Democratic Party Presidential Primary is this week, and the statistics indicate just a few percentage points difference between Obama and Clinton. Tampering with either candidate’s site or interrupting traffic flow could have a big effect on the availability of information for undecided voters who might be seeking information from that candidate’s Website. Let’s hope both of these Presidential candidates have now brought in the big IT guns to address and fix vulnerabilities on their Websites.

Last modified on Tuesday, 22 April 2008 09:04

David Stellmack

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments