Tutorial: “Decompromising” a site serving malicious code
By popular demand we’ve put together a video tutorial (one of many, I hope) on how you can use ASL to solve a problem. In this episode, imagine you are an administrator of a system with multiple customers, all with different sites, applications, and owners. You can’t touch the code, and yet the code has been compromised by a malicious 3rd party. In security-ese we call this a “Watering Hole” attack. The website owner is not exactly the target; rather, the users who come to that site are. So the site itself is legitimate, the owner is legitimate, and blacklisting by 3rd parties is soon to ensue. The liability extends to more than just your one compromised website; it could affect everyone using this particular server. What if you had something that could make that problem go away without touching the code?