Re: Warning: Iframe based attacks using stolen FTP access info
In recent days we've been seeing the HEX add too.. instaed of a regular iframe injection, there's document.write being used in the script portion and everything in there is encoded.
Makes it a little harder to SEE what's an issue, but the injections still appear to be going at the bottom of files, so they're still easy enough to spot.
|