RU EN
Добро пожаловать на SKY-FRAUD.RU, после регистрации , вам будут доступны все разделы форума.
Вернуться   SKY-FRAUD.RU > Основное общение > Mass media about us > Website Infections Holding Steady at 1%, But Attacks Becoming Stealthier: Report
 
Adv. info:
Важная информация
Основные домены форума: SKY-FRAUD.RU | S-FRAUD.RU

TOR: bcbm4y7yusdxthg3.onion

XMPP.NAME - Официальный Jabber сервер для участников SKY-FRAUD.RU
Mass media about us News from the world about us.

UAS section 1
UAS Section 2
Advert 3
Ответ
 
Опции темы Опции просмотра
Старый 14.05.2019, 18:08   #1
radikal
Модератор
 
Аватар для radikal
 
radikal вне форума
Регистрация: 08.02.2014
Сообщений: 4,283
По умолчанию Website Infections Holding Steady at 1%, But Attacks Becoming Stealthier: Report

Only 15% of Malware-Infected Websites Are Blacklisted, Report Finds

Only 1% of websites are infected with malware at any given time, but this translates to a colossal 17.6 million websites overall, a new report shows. Many visitors, and website owners, rely on their search engine of choice to tell them whether any particular site is infected -- but only 15% of infected websites are blacklisted by the search engines.

These figures come from the SiteLock 2019 Website Security Report. SiteLock sampled 6,056,969 websites, looking at both infections and vulnerabilities. It found that sites with an external-facing vulnerability are 3.3 times more likely to be infected. XSS vulnerabilities are found in 1.44% of sites, and 3% of those contain malware.

SQLi vulnerabilities are found in 6% of sites, and 2% of those have malware. Cross-site request forgery (CSRF) vulnerabilities are present in 1% of sites, and of those, 3% have malware.

Overall, website attacks grew by 59% during 2018, averaging 62 attacks per day over the year from 330 different bots. Despite this, the number of infected websites remained constant at 1% through the year. It suggests that website defenses may be becoming more effective.

Only 15% of malware-infected websites were blacklisted, down 4% from the beginning of 2018 -- so websites need to be proactive in monitoring for malware rather than rely on the search engines to do it for them.

Thirty-eight percent of websites are built with WordPress, Joomla or Drupal. Forty-eight percent of all CMS websites use WordPress. SiteLock found that keeping up-to-date with the core software isn't enough to guarantee security in CMS websites. For example, it found that of those sites using the latest CMS cores, 34% of Drupal sites, 9% of Joomla and 4% of WordPress sites still had a vulnerability. Many of these vulnerabilities are found in the themes and plugins used to enhance or tailor the sites.

The most common categories of malware found on websites are backdoors, shells and JavaScript files. JavaScript files differ from backdoors and shells because their primary intent is to hijack visitors rather than take control of the website. JavaScript infections are increasingly popular with criminals because they tend to be symptomless to the website owner, generating little 'noise'.

Defacement continue to fall in popularity, found on only 15% of infected sites. SEO spam is also falling, accounting for only 2% of the malware cleaned, and on only 18% of infected websites. SiteLock believes that attackers are moving to stealthier attacks, and SEO spam is by its nature, very noisy.

Stealthier attacks are higher. These include backdoors, shell and file modification -- which were found on 50% of all infected websites.

Crypto-related malware is falling, and SiteLock believes that it will continue to decrease. Verizon's 2019 DBIR also noted the failure in the expected growth of cryptomining over 2018, but did not offer an explanation (its head of security research, Alex Pinto, told SecurityWeek that any correlation between the price of, say bitcoin, and the prevalence of cryptomining could make a study for the future).

SiteLock is less reserved: "With the crash of Bitcoin, the closing of cryptomining service Coinhive, and reduction of value on other currencies, bad actors have less motivation to leverage this strategy." The implication from SiteLock is that if cryptocurrencies increase in value again, as they did dramatically at the end of 2017, then cryptomining could return.

SiteLock detected a decline in 'noisy' attacks against websites. "The more files an attack kit requires," it said, "the more likely it is that either a malware scanner or website developer will spot it and remove it." But while noisy attacks are decreasing, stealthy attacks are increasing. More and more, search engines appear to be erring on the side of caution when blacklisting websites for fear of false positives (the number of blacklisted sites declined by 4% over the year). The attackers are taking advantage of this by becoming stealthier, making it harder for the search engine scanners to detect with sufficient certainty to trigger the blacklist.
__________________
[Для просмотра данной ссылки нужно зарегистрироваться]
[Для просмотра данной ссылки нужно зарегистрироваться]
[Для просмотра данной ссылки нужно зарегистрироваться]
 
Ответить с цитированием

Advertising \ Реклама
2FORCE.SU - THE BIGGEST CVV SHOP ON THE UNDERGROUND MARKET

HQ DUMPS by Donald Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU


Sell RDP/Продажа дедиков/RDP SHOP #1
Ссылки для доступа к сервису: UAS-SERVICE.RU \ UAS-SERVICE.SU


HQ DUMPS by Donal Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU


Sell RDP/Продажа дедиков/RDP SHOP #1
Ссылки для доступа к сервису: UAS-SERVICE.RU \ UAS-SERVICE.SU


HQ DUMPS by Donal Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU



Ответ
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
 
Опции темы
Опции просмотра
Ваши права в разделе
Вы не можете создавать новые темы
Вы не можете отвечать в темах
Вы не можете прикреплять вложения
Вы не можете редактировать свои сообщения

BB коды Вкл.
Смайлы Вкл.
[IMG] код Вкл.
HTML код Выкл.

Быстрый переход

Похожие темы
Тема Автор Раздел Ответов Последнее сообщение
IoT Devices Fuel Complex DDoS Attacks: Report radikal Mass media about us 0 24.01.2018 11:46
IoT Botnet Used in Website Hacking Attacks radikal Mass media about us 0 11.12.2017 21:36
Nigerian Behind Attacks Against Over 4,000 Businesses: Report radikal Mass media about us 0 16.08.2017 04:13
Cyber Risk Management: What's Holding Us Back? radikal Mass media about us 0 18.05.2017 00:01
Criminal Capability Outpacing Ability to Defend Attacks in UK: Report radikal Mass media about us 0 11.07.2016 23:59