[access-uk] Re: Twitter Beware!
- From: "Tristram Llewellyn" <tristram.llewellyn@xxxxxxxxxxxxxxxxxxx>
- To: <access-uk@xxxxxxxxxxxxx>
- Date: Fri, 12 Jun 2009 13:52:56 +0100
Thanks George
I found the McAfee posting rather more useful than the Kaspersky blurb
although the latter is useful in revealing the motive for the attack.
It appears the worm was allegedly written to reveal vulernsabilities in
the Twitter network and makes use of a cross site scripting attack via
JavaScript. Those people that use the site for posting are the one's
potentially at risk. However those using clients who do not go directly
to the Twitter site may well be afforded some protection through their
Twitter client as they do not access their profile directly through the
browser that executes the JAVAScript.
For Firefox users there is a very handy plugin called NoScript which is
capable of detecting XSS (Cross Site Scripting attacks) in addition to
blocking JAVASCript for those sites you do not wish it to run.
Hope this helps.
Regards.
Tristram Llewellyn
Sight and Sound Technology
Technical Support
www.sightandsound.co.uk
Mail:
Tristram: tristram.llewellyn@xxxxxxxxxxxxxxxxxxx
Technical: Support@xxxxxxxxxxxxxxxxxxx
General - info@xxxxxxxxxxxxxxxxxxx
Phone:
Support line: 0845 634 7979
Sight and Sound Technology Limited is a company registered in England
and Wales, with company number 1408275.
Sight and Sound Technology
Welton House North Wing
Summerhouse Road
Moulton Park
Northampton
NN3 6WD
VAT Number - GB 860 2121 66.
** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
Other related posts:
