Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

Legitimate Sites Carry Increasing Portion Of Malware

Seventy percent of the Web's top 100 sites hosted malicious content in second half of 2008, Websense lab study says

If you're wondering where most malware comes from, check the "favorites" list in your Web browser.

According to Websense Security Labs' newly published "State of Internet Security" report for the second half of 2008, 77 percent of Websites that carry malicious code are legitimate sites that have been compromised. This figure rose by almost 3 percent over the first six months of the year. The number of sites carrying malicious code grew by 46 percent over the course of 2008, Websense says.

Seventy percent of the top 100 sites on the Web -- most of them social networking or search engine sites -- either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites, according to the report. This figure represents a 16 percent increase over the first six months of 2008, Websense says.

"The most prevalent trend was the continued use of Web 2.0 content to exploit weaknesses within the Web infrastructure to attract the greatest number of victims," the report states. "Search engines and social networking sites were the biggest targets over the last six months, as hackers continued to get creative and leverage user-created content to compromise sites with good reputations."

And the Web is becoming attackers' favorite vehicle for launch, the report states. In the second half of 2008, 57 percent of data-stealing attacks were conducted over the Web -- an increase of 24 percent over the first half. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
How to Think Like a Hacker
Dr. Giovanni Vigna, Chief Technology Officer at Lastline,  10/10/2019
7 SMB Security Tips That Will Keep Your Company Safe
Steve Zurier, Contributing Writer,  10/11/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: The old using of sock puppets for Shoulder Surfing technique. 
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-10-17
WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements.
PUBLISHED: 2019-10-17
WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
PUBLISHED: 2019-10-17
WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer.
PUBLISHED: 2019-10-17
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
PUBLISHED: 2019-10-17
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI.