DoS attack slams hospital network

For three days, the hospital network's firewalls fell apart and its network slowed to a crawl. It was an agonizing stretch for "Cam Smith" (the anonymous IT engineer featured by CSO magazine), whose network was down about 90 percent of the time during the painful episode, despite the best efforts of the IT department and vendor engineers. Smith and his colleagues were stumped at first, particularly given that none of them were assigned full-time to security issues, but after pulling out server plugs one at a time, they found the source of the problem. As it turns out, Smith's network was being slammed by a DoS attack that slithered in through a single remote user's visit to a malicious Web site. The site exploited Java and ActiveX vulnerabilities to take over the remote user's computer and launch the attack. Worried about the possibility of other employees stumbling across the rigged site, Smith challenged vendor SecureWave to prove it could stop a similar attack, and the vendor did just that. Smith then reported the vulnerability to all affected parties, including Microsoft, antivirus vendors and Google, which had led the remote employee to the site indirectly via a hacked toolbar.

For more background on the Java/ActiveX exploit:
- read this article from CSO