Security experts are finding an increasing number of websites hosting malicious JavaScript code first detected on Super Bowl-related sites last week.Sites covering topics ranging from health care to government have been hacked to host the JavaScript, SANS Internet Storm Center Director Marcus H. Sachs wrote on the SANS blog, listing some of the hacked sites.“System administrators might want to check their network flow logs for any traffic to these sites and for any traffic to the five sites that hosted the hostile JavaScript,” Sachs wrote.The attack targets two known vulnerabilities in Microsoft’s Windows operating systems, for which patches were issued in April and January. Computers with unpatched software are vulnerable to the attack. If one of the hacked sites is visited, the JavaScript code directs the browser to a second Web server, based in China, and tries to install a Trojan Horse downloader and password-stealing program on the victim’s computer. Initially, the exploit appeared isolated to websites related to U.S. football, as hackers tried to capitalize on the surge of traffic to sites concerning the Super Bowl, which was played on Sunday. The site of the Miami Dolphins team, and another site for its stadium, were hacked, although they were eventually cleaned up.Security company Websense reported the problem on the stadium site on Friday. Websense recommended that users stay away from the affected sites until they had been cleaned up. -Jeremy Kirk, IDG News Service (London Bureau)Related Link: Dolphins Website Hacked in Advance of Super BowlCheck out our CIO News Alerts and Tech Informer pages for more updated news coverage. Related content case study Toyota transforms IT service desk with gen AI To help promote insourcing and quality control, Toyota Motor North America is leveraging generative AI for HR and IT service desk requests. By Thor Olavsrud Dec 08, 2023 7 mins Employee Experience Employee Experience Employee Experience feature CSM certification: Costs, requirements, and all you need to know The Certified ScrumMaster (CSM) certification sets the standard for establishing Scrum theory, developing practical applications and rules, and leading teams and stakeholders through the development process. By Moira Alexander Dec 08, 2023 8 mins Certifications IT Skills Project Management brandpost Sponsored by SAP When natural disasters strike Japan, Ōita University’s EDiSON is ready to act With the technology and assistance of SAP and Zynas Corporation, Ōita University built an emergency-response collaboration tool named EDiSON that helps the Japanese island of Kyushu detect and mitigate natural disasters. By Michael Kure, SAP Contributor Dec 07, 2023 5 mins Digital Transformation brandpost Sponsored by BMC BMC on BMC: How the company enables IT observability with BMC Helix and AIOps The goals: transform an ocean of data and ultimately provide a stellar user experience and maximum value. By Jeff Miller Dec 07, 2023 3 mins IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe