Threat Growth
Malicious traffic
exposure has increased significantly year-over-year. The following substantial
increments were observed:
Wordpress #1 on hackers list;
- Wordpress is the most attacked Content Management System (CMS)
- Websites running Wordpress were attacked 24.1% more than websites running on all other CMS platforms combined.
- Wordpress suffers 60% more Cross Site Scripting (XSS) incidents than all other CMS-running websites combined.
Targets
- Retail applications suffer the most from web application attacks; financial institutions second.
- 48.1% of all attack campaigns targeted retail web sites, while 10% targeted financial institutions.
- 40% of all SQL injection attack campaigns targeted retail web sites.
- 64% of all malicious HTTP traffic (protocol violations and malformed requests) was targeted at retail websites.
Extra
- PHP applications suffer three times as many Cross Site Scripting Attacks as .NET applications.
- Websites containing some form of consumer information suffer up to 59% of the attacks
- An increase of 10% in SQL Injection (SQLi) attacks
- An increase of 24% in Remote File Inclusion (RFI) attacks
- Attacks are 44% longer in comparison to the prior period reviewed (i.e., from June 1, 2012 to November 30, 2012].
No comments:
Post a Comment