Monday, July 20, 2009

Top 10 Web Attack Vectors in Second Half of 2008

http://securitylabs.websense.com/content/Assets/WSL_ReportQ3Q4FNL.PDF

As Internet users increase, the Web attack vector continues to grow. Web servers are increasingly compromised through persistent cross-site scripting (XSS) and SQL injection as well as DNS cache-poisoning attacks. The Web Application Security Consortium reports that 97 percent of sites it studied continue to be plagued with significant vulnerabilities.
Below are the top ten Web attack vectors over the last six months. Browser vulnerabilities, SQL injection attacks and the increase of social networking vulnerabilities rounded out the top three vectors. This list remains relatively consistent with the previous top-ten Web attack vector list cited during the first half of 2008.

1. Browser vulnerabilities
2. Rogue antivirus/social engineering
3. SQL injection
4. Malicious Web 2.0 components (e.g. Facebook applications, third-party widgets and gadgets, banner ads)
5. Adobe Flash vulnerabilities
6. DNS Cache Poisoning and DNS Zone file hijacking
7. ActiveX vulnerabilities
8. RealPlayer vulnerabilities
9. Apple QuickTime vulnerabilities
10. Adobe Acrobat Reader PDF vulnerabilities

Browser vulnerabilities continued to plague unsuspecting users. Opera version 9.5.1 enabled attackers to steal arbitrary samples of data in memory from desktops through specially crafted JavaScript code while vulnerabilities in Firefox provided attackers additional opportunities for spoofing by exploiting alternate names on self-signed certificates.

In August 2008, Digg, MSNBC, Newsweek, and MSN Norway were hit by a series of malicious third-party banner ads, which led visitors to rogue security software sites and hijacked the clipboards of visitors.

One of the vulnerabilities exploited was an integer overflow in Adobe Flash (CVE-2007-0071). That same month, Websense Security Labs discovered that a major Chinese ISP, China Netcom (CNC), had its DNS cache poisoned. Unsuspecting customers were redirected to a malicious site when the hostname in a URL was mistyped.