The official website (asisonline.org) of ASIS International, a major physical security association was hacked and blacklisted yesterday. Add another case to the list of sites using outdated and/or vulnerable applications. In the case of ASIS, they were running a vulnerable version of OpenX (ad server software) and the attackers injected malicious code in there.
Anyone visiting the ASIS website has ads served from ads.asisonline.org which is the culprit. The ad server is loading malware from: hxxp://liyerfit.com/blogs/martin/. The malware string can be detected using our scanner.
Everyone is susceptible to blacklisting, malware infections and the like. It is imperative that you keep your software, applications, plugins, themes, etc. up to date! Also keep up to date with news from your third party vendors to ensure you know when they release a vulnerability statement and updates.
This is the last thing you want your visitors running in to:
We have already spoken with officials at ASIS International, and they are working diligently on the issue. Everything should be squared away shortly.
Protect your interwebs!