Problem solve Get help with specific problems with your technologies, process and projects.

How are companies removing malware from blogs?

What are most companies doing today to protect against malware picked up from blog sites? Not much at all, says information security threat expert John Strand.

What are most companies doing today to protect against malware intrusion that may be picked up from blogs on sites like Blogspot? Are companies blocking those sites completely, or are they using tools that stop intrusions? Some here are upset that our company took away access to Blogspot, but I understand the need to protect the company from malware.
Most companies aren't doing anything at all. This usually is the result of an organization wanting an open and fun work environment. Unfortunately, many companies still believe that attacks originate from the outside and target their internal systems. But as we continue to learn with new threat vectors like cross-site request forgery, clickjacking and cross-site scripting, attackers can do well by simply posting malicious content on the Web and waiting for an unsuspecting user to surf to it. The best way to handle attacks originating from blog sites is to block access to them completely.

But remember, blog sites are not the only ones susceptible to these types of threats. Social networking sites like Facebook and MySpace can serve malicious content in the form of advertisements. Even sites like MLB.com have been victims of Flash-based malware. Blog access is ultimately a risk-based decision. If the majority of attacks against your environment originate from blog sites, blocking access is a good first step.

This was last published in February 2009

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.