What to do
1. Web application filters are a good first step to protecting your Web applications from malicious tampering, but they don't catch everything. Bill Boni strongly recommends ongoing training in coding best practices for all Web developers regardless of the development language they use. "Code reviews, application-level security scanning and rigorous security testing against your Web applications are all essential," he adds.
2. Keep your browsers patched and updated, since the malicious code gets in through vulnerabilities in the browser, Chris Shiflett says. "If you can, get on a less used and less targeted browser, a really solid and mature browser like Opera, Safari or Firefox," he says.