Press Release

 

How to Identify JavaScript Attacks

ISACA guidance helps thwart hackers attempting to profit from advertisements

Rolling Meadows, IL, USA (30 November 2016)—New ISACA guidance will help cyber security professionals identify a form of attack that enriches hackers by utilizing JavaScript code to redirect users to advertisements that generate revenue for the hacker.

The white paper, “Incident Response: Obfuscated JavaScript and Evil Adware Recognition,” analyzes a web server malware sample from VirusShare.com to describe a real-world attack that compromises a website content management system (CMS) with JavaScript code. The attack analysis pinpoints traits associated with redirection attacks.

The guidance includes figures highlighting network traffic captures, requests for JavaScript files, embedded redirect code and other elements associated with the attack.

The guide examines how analysis of network traffic captures helped an organization identify exploitation vectors. Malware analysts identified a variety of web requests to download and execute malicious JavaScript. Understanding that the malicious code and redirection to nefarious servers are indicators of web-server exploitation aided the analysts in recognizing characteristics of the attack, and can be useful in web-server evaluations.

The white paper is part of the guidance and tools that global business technology and cyber security association ISACA provides cyber security professionals and their organizations through its Cybersecurity Nexus (CSX).

“While cyber attacks resulting in the theft of personal or financial information are well-documented, nefarious actors also are capable of more subtle attempts in pursuit of financial gains,” said Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, chair of ISACA’s Board of Directors and group director of Information Security for INTRALOT. “This guidance will allow cyber professionals and their organizations to be more vigilant in guarding against attacks on CMS JavaScript code.”

To download a complimentary copy of the white paper, visit www.isaca.org/webserver-exploit-javascript.

 

About ISACA

ISACA (www.isaca.org) helps professionals around the globe realize the positive potential of technology in an evolving digital world. By offering industry-leading knowledge, standards, credentialing and education, ISACA enables professionals to apply technology in ways that instill confidence, address threats, drive innovation and create positive momentum for their organizations. Established in 1969, ISACA is a global association with more than 140,000 members and certification holders in 187 countries. ISACA is the creator of the COBIT framework, which helps organizations effectively govern and manage their information and technology. Through its Cybersecurity Nexus (CSX), ISACA helps organizations develop skilled cyber workforces and enables individuals to grow and advance their cyber careers.

Twitter: https://twitter.com/ISACANews 
LinkedIn: ISACA (Official), http://linkd.in/ISACAOfficial
Facebook: www.facebook.com/ISACAHQ

 

Contact:

Kristen Kessinger, +1.847.660.5512, communications@isaca.org
Joanne Duffer, +1.847.660.5564, communications@isaca.org
Jay Schwab, +1.847.660.5693, communications@isaca.org