Finjan Reports FindingsFinjan Reports Findings
Finjan announced its findings on the latest web security trends as uncovered by its Malicious Code Research Center (MCRC)
October 11, 2006

SAN JOSE, Calif. -- Finjan Inc., the global provider of best-of-breed proactive web security solutions for businesses and organizations, today announced its findings on the latest web security trends as uncovered by its Malicious Code Research Center (MCRC). In its Web Security Trends Report (Q3 2006), Finjan presents new findings related to malicious code found on storage and caching servers, as well as insights into trends related to sophisticated new threats that target Web 2.0 platforms and technologies. The report also includes a follow-up story showing additional examples of "vulnerabilities for sale," as exposed in Finjan's previous Web Security Trends Report, released in July, which focused on the commercialization of malicious code and a widening black market.
Malicious Code in Cached Web Pages Served by Storage and Caching Servers The new report details Finjan's discovery of malicious content residing in cached web pages on storage and caching servers, such as those used by ISPs, enterprises and leading search engines. "This malicious code can be referenced by third-party web pages and can be used to exploit an The report presents several instances of malicious code found by Finjan security researchers on public storage and caching servers. "This is more than just a theoretical danger," Ben-Itzhak said. "Owing to this exploit, it is possible that storage and caching servers could unintentionally become the largest 'legitimate' storage venue for malicious code. Such 'infection-by-proxy' introduces new risks for businesses and consumers."
About the Author(s)
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods
Oct 26, 2023Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven
Nov 06, 2023How to Combat the Latest Cloud Security Threats
Nov 06, 2023Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing
Nov 01, 2023SecOps & DevSecOps in the Cloud
Nov 06, 2023