NEW RESEARCH: Web 2.0 and “Legit” Web Sites Are Latest Playground for Information-Stealing Computer Criminals
SOURCE:
Websense
2008-07-29 07:00:00
NEW RESEARCH: Web 2.0 and “Legit” Web Sites Are Latest Playground for Information-Stealing Computer Criminals
NEW RESEARCH: Web 2.0 and “Legit” Web Sites Are Latest Playground for Information-Stealing Computer Criminals
New Websense Security Labs Research Shows 75 Percent of Malicious Sites Are From Legitimate, Trusted Sources With “Good” Reputation Scores
SAN DIEGO, CA–(EMWNews – July 29, 2008) – Websense, Inc. (
Highlights / Key Facts:
— 60 percent of the top 100 most popular Web sites either hosted malicious
content or contained a masked redirect to lure unsuspecting victims from
legitimate sites to malicious sites, according to
new research released today from Websense Security Labs™. The top 100 most popular Web sites, many of
which are social networking, Web 2.0 and search sites, represent the
majority of all Web page views and are the most popular target for
attackers. With their large user base, good reputations and support for Web
2.0 applications, these sites provide malicious code authors with abundant
opportunity.
— In the first half of 2008 more than 75 percent of the Web sites
Websense® classified as malicious were actually sites with seemingly
“good” reputations that had been compromised by attackers. This
represents a 50 percent increase from the second half of 2007.
— More than 45 percent of the top 100 most popular Web sites support
user-generated content.
— Websense Security Labs found that 29 percent of malicious Web attacks
included data-stealing code, demonstrating that attackers are after
essential information and data.
— The convergence of blended Web and email threats continues to increase.
Websense Security Labs reports that now more than 76.5 percent of all
emails in circulation in the past six months contained links to spam
sites and/or malicious Web sites. This represents an 18 percent increase
since December 2007.
— Websense Security Labs uses the patent-pending Websense
ThreatSeeker™ Network to discover, classify and monitor global
Internet threats and trends. Security researchers use the Internet
security intelligence from the system, which includes more than 50 million
real-time data collecting systems that parse one billion pieces of content
daily, to publish security trends and protect customers.
Links / URLs:
Podcast:
— SC Magazine podcast:Super Cybercrime with Websense Chief Technology
Officer Dan Hubbard
http://podcasts.scmagazine.com/show/2_2008-01-28T14_46_20-08_00
— Websense YouTube Channel: http://www.youtube.com/user/WBSNMKTG
— Del.icio.us: http://del.icio.us/informationprotection
— Websense Security Labs ThreatSeeker Network Whitepaper:
http://www.websense.com/welcome/MiscLandings/ThreatSeekerNetwork/index.php
— Websense Security Labs presentation from CanSec 2008: “Web-Wreckutation”
http://securitylabs.websense.com/content/Assets/websense_cansec_2008.pdf
— Websense Security Labs site: http://securitylabs.websense.com/
Quotes: -- "Today attackers are overwhelmingly forgoing creating their own malicious sites and targeting legitimate Web sites that have a built in base of visitors," said Dan Hubbard, chief technology officer, Websense. "There is an element of trust in the Web 2.0 world that the Web sites we frequent every day are safe, but attackers are taking advantage of the 'good reputations' of Web sites to launch attacks. Most Web security and URL filtering technology today heavily rely on a Web sites' reputation, but this method is outdated. In terms of security, the URL doesn't matter anymore -- it's all about the dynamic content that is served up on the page. To safely use the Internet today, organizations need Web security protection that can analyze the content on the Web page in real-time." -- "With legitimate Web sites that our employees may try to go to for business reasons, increasingly getting compromised by criminals, the research on the latest threats and the Web security protection from Websense is critical to our organization," said Websense customer Tim Lawrence, information technology (IT), security analyst at AutomationDirect.
Websense News RSS Feed: All Websense
News RSS Feed
Websense Security Labs Alerts RSS Feed:
http://securitylabs.websense.com/content/alertsRSS.xml
Websense Security Labs Blog RSS Feed:
http://securitylabs.websense.com/content/blogsRSS.xml
About Websense, Inc.
Websense, Inc. (
and data protection technologies, provides Essential Information
Protection™ for more than 42 million employees at more than 50,000
organizations worldwide. Distributed through its global network of channel
partners, Websense software and hosted security solutions
help organizations block malicious code, prevent the loss of confidential
information and enforce Internet use and security policies. For more
information, visit www.websense.com.
Websense and Websense Enterprise are registered trademarks of Websense,
Inc. in the United States and certain international markets. Websense has
numerous other unregistered trademarks in the United States and
internationally. All other trademarks are the property of their respective
owners.
Contact Information: Sarah Thornton +1 858 320-9500 [email protected] |
|
Major Newsire & Press Release Distribution with Basic Starting at only $19 and Complete OTCBB / Financial Distribution only $89
Get Unlimited Organic Website Traffic to your Website
TheNFG.com now offers Organic Lead Generation & Traffic Solutions