Welcome to WebmasterWorld Guest from 54.144.48.103

Forum Moderators: phranque

Message Too Old, No Replies

Malware Threat Continues to Rise

     
2:31 pm on Jun 17, 2009 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Malware Threat Continues to Rise [news.bbc.co.uk]
Legitimate websites are a growing frontier for malware attacks with over ten million pages affected every year.

Security start-up Dasient claimed the threat has risen as more people create their own websites and blogs without proper built-in security protocols.

Anyone opening an infected page could have the malware downloaded to their computer without even realising it.

"There's a real and present danger of the web being seriously compromised," said Dasient co-founder Neil Daswani.

"This emerging threat is becoming very real and is already affecting millions and millions of websites. 30,000 web pages are affected every day according to the likes of Microsoft and the security firm Sophos," said Mr Daswani who was a senior security engineer at Google.

12:20 am on Jun 19, 2009 (gmt 0)

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member



With content-managements systems such as WordPress being used more and more, combined with the lack of follow-up to security updates and the prevalence of clear "footprints" by major CMS scripts, it is getting easier to target thousands of websites running the same vulnerable scripts.

Combined with the additional problems caused by third-party inserted code such as advertising or widgets, the attack vector is widening rapidly.

What to do? Better diligence is managing security issues from webmasters is one vital aspect, when developing a site using a CMS, plans should be made (and added to contracts for sites developed for hire) to make sure scripts are rapidly brought up to date for every announced vulnerability.

Very few attacks on websites are zero-day exploits, for the overwhelming majority of cases the vulnerability is known for weeks or months before the worm infects unprotected sites.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month