Once again MySpace proves to be a danger to the Internet community
Once again, the MySpace network is a danger to its visitors. WebSense Security Lab reports that it has:
"... confirmed the existence of a worm spreading on the MySpace network. This worm is exploiting the Javascript support within Apple's embedded QuickTime player (1). This is used in conjunction with a MySpace vulnerability that was announced two weeks ago on the Full-Disclosure mailing list (2). The vulnerabilities are being used to replace the legitimate links on the user's MySpace profile with links to a phishing site."
I, for one, am sick to death of the dangers being faced by MySpace users - how many people remember when 1 million PCs were infected via MySpace pages?
http://msmvps.com/blogs/spywaresucks/archive/2006/07/22/105450.aspx
What about the MySpace usersnames and passwords that were stolen:
http://msmvps.com/blogs/spywaresucks/archive/2006/11/11/274239.aspx
I wonder if MySpace still transmits logins unencrypted:
http://msmvps.com/blogs/spywaresucks/archive/2006/08/08/107051.aspx
Then there are the spoofed log-in pages that continue to be a problem:
http://msmvps.com/blogs/spywaresucks/archive/2006/10/28/216648.aspx
I cannot stress strongly enough my belief that nobody should be allowed to access MySpace via a corporate network under any circumstances, and that nobody should access MySpace via their personal computers unless their computer's security settings are locked down tighter than a vault. Don't go there unless the entire MySpace domain is in your Web browser's restricted sites zone, or don't go there at all.