Amnesty International chapters in Hong Kong and the UK are among those found to have been hacked and serving spyware to visitors.
Amnesty International, Washington think-tank and counter-terrorism institute websites found to be serving malware.
A rash of recent and ongoing targeted attacks involving compromises at high-profile websites should serve as a sobering reminder of the need to be vigilant about applying browser updates.
A broad index of prominent sites belonging to foreign policy and human rights groups, including Amnesty International and the International Institute for Counter-Terrorism, have been hacked and are quietly serving spyware to visitors by exploiting newly patched flaws in widely used software from Adobe and Oracle.
The latest reports of this apparent cyberspy activity come from security experts at Shadowserver.org, a non-profit website that tracks malware attacks typically associated with so-called “advanced persistent threat” (APT) actors. APT is a controversial term that means many things to different folks, but even detractors of the acronym’s overuse acknowledge that it has become a useful shorthand for “We’re pretty sure it came from China”.
A diagram depicting the since-cleaned attack on the website of the Center for Defense Information. Photo: KrebsOnSecurity.com
One look at the list of the sites found to be currently serving an exploit to attack a newly-patched Adobe Flash Player vulnerability (CVE-2012-0779) shows how that shorthand is earned. Shadowserver uncovered Flash exploits waiting for visitors of the websites for Amnesty International Hong Kong and the Center for Defense Information, a Washington, DC think-tank. The home page for the International Institute for Counter-Terrorism was found to be serving up malware
.... end of excerpt
Article Source: http://www.brisbanetimes.com.au/it-pro/security-it/multiple-human-rights-foreign-policy-sites-hacked-20120515-1yoe1.html