How to Identify JavaScript Attacks

ISACA guidance helps thwart hackers attempting to profit from advertisements

New ISACA guidance will help cybersecurity professionals identify a form of attack that enriches hackers by utilising JavaScript code to redirect users to advertisements that generate revenue for the hacker.

The white paper, “Incident Response: Obfuscated JavaScript and Evil Adware Recognition,” analyses a web server malware sample from VirusShare.com to describe a real-world attack that compromises a website content management system (CMS) with JavaScript code. The attack analysis pinpoints traits associated with redirection attacks.

The guidance includes figures highlighting network traffic captures, requests for JavaScript files, embedded redirect code and other elements associated with the attack.

The guide examines how analysis of network traffic captures helped an organisation identify exploitation vectors. Malware analysts identified a variety of web requests to download and execute malicious JavaScript. Understanding that the malicious code and redirection to nefarious servers are indicators of web-server exploitation aided the analysts in recognising characteristics of the attack, and can be useful in web-server evaluations.

The white paper is part of the guidance and tools that global business technology and cybersecurity association ISACA provides cybersecurity professionals and their organisations through its Cybersecurity Nexus (CSX).

“While cyber attacks resulting in the theft of personal or financial information are well-documented, nefarious actors also are capable of more subtle attempts in pursuit of financial gains,” said Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, chair of ISACA’s Board of Directors and group director of Information Security for INTRALOT. “This guidance will allow cyber professionals and their organisations to be more vigilant in guarding against attacks on CMS JavaScript code.”

To download a complimentary copy of the white paper, visit www.isaca.org/webserver-exploit-javascript.

About ISACA
ISACA (www.isaca.org) helps professionals around the globe realise the positive potential of technology in an evolving digital world. By offering industry-leading knowledge, standards, credentialing and education, ISACA enables professionals to apply technology in ways that instill confidence, address threats, drive innovation and create positive momentum for their organisations. Established in 1969, ISACA is a global association with more than 140,000 members and certification holders in 187 countries. ISACA is the creator of the COBIT framework, which helps organisations effectively govern and manage their information and technology. Through its Cybersecurity Nexus (CSX), ISACA helps organisations develop skilled cyber workforces and enables individuals to grow and advance their cyber careers.
Twitter: https://twitter.com/ISACANews
LinkedIn: ISACA (Official), https://www.linkedin.com/company/isaca
Facebook: www.facebook.com/ISACAHQ
