Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
iFrame Attacks Surge, Security Firm Says
Network managers can check their Web pages for infection with the iFrame code by looking for a specific code string in the source code.
April 24, 2008 — Network World — A flood of SQL injection attacks on Microsoft Internet Information Servers are leaving Web pages with malicious iFrames in them, and Panda Security is urging network managers to make sure their Web pages haven't been infected.
Panda says the number of infected Web pages spiked to 282,000 in the past day, and appears to be growing. Network managers can check to see whether their Web pages are infected with the iFrame code by looking for a specific code string in the source code of the Web page associated to an iFrame tag. The string is <script src=http://www.nihaorr1.com/1.js>, according to the security vendor.
If detected, this string should be eliminated immediately, says Panda, which adds that new strains of malicious code as yet unrecognized may be resident also. Panda is urging Web-site managers to check to see whether their Web pages are being manipulated and is offering a free scan at its Infected or Not? site.
"It appears to have started yesterday with these SQL injection attacks," says Ryan Sherstobitoff, Panda's chief corporate evangelist. There's ongoing research into the problem, the source of which may trace back into Eastern Europe or Russia, he says.
Neither Panda nor any other security firm Sherstobitoff is aware of has identified the exact vulnerability in IIS that is the attack route for injection of the malicious iFrame, although suspicions center on a vulnerability described in an April 17 Microsoft Security Advisory (951306) for which there is not yet a defined patch or other fix.
Malicious iFrame attacks have seen widespread growth over the past several months. Attackers embed the iFrame code in Web pages to redirect victims to sites for purposes of fraud or other criminal conduct. © 2007 Network World Inc.
FORTUNE 100 insurance leaders rely on the Symantec Data Loss Prevention solution to protect sensitive customer data.
Do you know where your confidential data is, where it is going, and how to prevent it from leaving your organization.
Learn what the thought-leaders at PricewaterhouseCoopers have to say on the risks associated with data security.
Incorporate best practices from many companies using DLP solutions as you establish your organization's requirements and safeguard confidential data.
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
Mobility is Growing: Survey Shows Why CIOs are Concerned
The Case for A Specialized Security Platform
Riverbed Raises the Ante Again in WDS with RiOS 5.0
Turn your information management best efforts into best practices.
Windows Vista® in a Hybrid IT Environment
Comprehensive LAN Security: A Business Requirement
Windows Vista: Essential Benefits and Deployment Strategies
Building Competitive Advantage with Next-Generation Wireless Infrastructure
Into the Wild: Managing Laptops Outside the Office
Protecting Sensitive and Confidential Information with Endpoint Security
Revolutionizing Endpoint Security with a Single Agent
War Gaming: How Intel Turned Its Workforce Into a Security Force
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
AMD to Bring HD Gaming and Movies to Mobile Phones
Intel-Backed Enterprise 2.0 Suite is Discontinued
Wall Street Beat: IT Faces Tough Start to 2009
Dual-Mode Smartphones Help Boost Wi-Fi Shipments
Palm Announces WebOS and Pre Phone
Nokia Ends Production of Its Only WiMax Device
FAQ: How to Get the Windows 7 Beta
HP Aims TouchSmart Desktop PC at Businesses
Red Hat to host Second Life-like virtual JBoss trade show
Windows 7 Public Beta to be Available Friday
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
