Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Maybe the people responsible for the John Sands web site will finally do something about the web site’s vulnerabilities

December 28th 2008 in Uncategorized

It is all over the popular press – Websense have announced that they have found malicious script on the John Sands web site:
http://securitylabs.websense.com/content/Alerts/3268.aspx

I can only hope that WebSense, and all of the negative press that their announcement has triggered, will finally get John Sands to clean up their act and fix the problems with their web site.  Why do I say this?  Because I wrote to John Sands in July and in August warning them that there were problems, yet their web site is still vulnerable.  The site code has been cleaned up a few times, but the basic problem has not been resolved.

I did not receive a response to my emails.

It is an understatement, to say the least, to see that the johnsands.com.au web site is *still* vulnerable more than 5 months after my initial alert.

Email one, dated 24 July 2008:

 image

 

Email two, sent after my first email was ignored – note that by this stage malicious code pointing to 26 domains was evident.  The email address is taken from WHOIS, and is apparently the email address for the “Infrastructure Administrator”.

 image


Comments are closed.

Back on 17 December 2008 I wrote about malvertizements being distributed by criminals impersonating the legitimate Koeppel Interactive (the legitimate site being koeppelinteractive.com). The fake site, koeppelinteractive.co.uk, is now inaccessible; its name servers have been changed to “ns1.suspended-domain.com” and “ns2.suspended-domain.com”. Koeppelinteractive.com have added an alert to their site warning about the impersonation. For […]

Previous Entry

No. Am I surprised? No. Why haven’t they fixed the problem yet? You tell me and we’ll both know.  Maybe they *like* the fact that all of the links on their Products page are broken.  The fact that the malicious URL is not working is no excuse. According to the […]

Next Entry

Archives