homepage Welcome to WebmasterWorld Guest from 107.22.141.14
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
Forum Library, Charter, Moderators: phranque

Website Technology Issues Forum

    
Malware Threat Continues to Rise
engine




msg:3935215
 2:31 pm on Jun 17, 2009 (gmt 0)

Malware Threat Continues to Rise [news.bbc.co.uk]
Legitimate websites are a growing frontier for malware attacks with over ten million pages affected every year.

Security start-up Dasient claimed the threat has risen as more people create their own websites and blogs without proper built-in security protocols.

Anyone opening an infected page could have the malware downloaded to their computer without even realising it.

"There's a real and present danger of the web being seriously compromised," said Dasient co-founder Neil Daswani.

"This emerging threat is becoming very real and is already affecting millions and millions of websites. 30,000 web pages are affected every day according to the likes of Microsoft and the security firm Sophos," said Mr Daswani who was a senior security engineer at Google.


 

encyclo




msg:3936396
 12:20 am on Jun 19, 2009 (gmt 0)

With content-managements systems such as WordPress being used more and more, combined with the lack of follow-up to security updates and the prevalence of clear "footprints" by major CMS scripts, it is getting easier to target thousands of websites running the same vulnerable scripts.

Combined with the additional problems caused by third-party inserted code such as advertising or widgets, the attack vector is widening rapidly.

What to do? Better diligence is managing security issues from webmasters is one vital aspect, when developing a site using a CMS, plans should be made (and added to contracts for sites developed for hire) to make sure scripts are rapidly brought up to date for every announced vulnerability.

Very few attacks on websites are zero-day exploits, for the overwhelming majority of cases the vulnerability is known for weeks or months before the worm infects unprotected sites.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved