
	Home > Ask the Security Experts > Information Security Threats Questions & Answers > How are companies removing malware from blogs?

Ask The Security Expert: Questions & Answers

EMAIL THIS

How are companies removing malware from blogs?

EXPERT RESPONSE FROM: John Strand, featured expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 04 November 2008
What are most companies doing today to protect against malware intrusion that may be picked up from blogs on sites like Blogspot? Are companies blocking those sites completely, or are they using tools that stop intrusions? Some here are upset that our company took away access to Blogspot, but I understand the need to protect the company from malware.

Most companies aren't doing anything at all. This usually is the result of an organization wanting an open and fun work environment. Unfortunately, many companies still believe that attacks originate from the outside and target their internal systems. But as we continue to learn with new threat vectors like cross-site request forgery, clickjacking and cross-site scripting, attackers can do well by simply posting malicious content on the Web and waiting for an unsuspecting user to surf to it. The best way to handle attacks originating from blog sites is to block access to them completely.

But remember, blog sites are not the only ones susceptible to these types of threats. Social networking sites like Facebook and MySpace can serve malicious content in the form of advertisements. Even sites like MLB.com have been victims of Flash-based malware. Blog access is ultimately a risk-based decision. If the majority of attacks against your environment originate from blog sites, blocking access is a good first step.

BROWSE BY TAG

Information Security Threats, Malware, Viruses, Trojans and Spyware, Information Security Policies, Procedures and Guidelines, Information Security Management, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Information Security Threats
	How to get rid of malware, botnets on a hospital IT network
	Should a national cybersecurity strategy include offensive botnets?
	How can search results lead to malware?
	How to prevent brute force webmail attacks
	How to prevent mobile phone spying
	What are today's antivirus software trends?
	How to detect input validation errors and vulnerabilities
	Can secure USB devices prevent man-in-the middle attacks
	How to prevent and build protection against online identity theft
	Is there a spy on my mobile device?

Malware, Viruses, Trojans and Spyware

Schneier-Ranum Face-Off: Is antivirus dead?

Modern malware, stealthy botnets, adapt quickly, expert says

Computer worm infections up, scareware antivirus down, Microsoft says

Web-based attacks skyrocket, pirating sites surge, security firms say

Mini guide: How to remove and prevent Trojans, malware and spyware

Kaspersky system analyzes malicious URLs on Twitter for malware

Silon malware intercepts Internet Explorer sessions, steals credentials

Breach forces payroll service provider PayChoice to shut down again

RSA research underscores problem tracking cybercriminals

Conficker analysis finds P2P coding limited, less sophisticated

Information Security Policies, Procedures and Guidelines

Essential guide: Pandemic planning for H1N1

Whitelists, SaaS modify traditional security, tackle flaws

Melissa Hathaway urges more cooperation, government attention to cybersecurity

Reuters: Obama ready to select cyber security czar

How a corporate Twitter policy can combat social network threats

Should enterprises be concerned with Twitter in the workplace?

Information security management hype: Debunking best practices

Data breach avoidance begins with security basics, panel says

Expert: Information security spending often restricts innovation

GAO report cites government weaknesses, data leakage

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

bot worm (SearchSecurity.com)

directory traversal (SearchSecurity.com)

government Trojan (SearchSecurity.com)

Kraken (SearchSecurity.com)

man in the browser (SearchSecurity.com)

polymorphic malware (SearchSecurity.com)

RAT (remote access Trojan) (SearchSecurity.com)

RavMonE virus (SearchSecurity.com)

RFID virus (SearchSecurity.com)

Rock Phish (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy