Cyber Security Institute

Wednesday, August 27, 2008

Report: Popular Web Attacks Go Stealth

Encoded SQL injection and cross-site scripting (XSS) attacks are becoming all the rage as Web defenses get better at catching these popular scripting attacks, according to WhiteHat Security’s Website security statistics report released today. Attackers have begun hiding the malicious code by encoding it so they can keep using these old-school attacks, which organizations are getting better at detecting in the clear, says Grossman. Mary Landesman, senior security researcher at ScanSafe, says her Web security services firm is also seeing more obfuscation, including encryption, of malicious code being injected into Websites.
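The detection gap the report describes is easy to reproduce: a filter that matches signatures against the raw request misses the same probe once it is percent-encoded, double-encoded, or written with HTML entities. The following example is added here and is not code from the report or from WhiteHat; the signatures, the normalizer, and the sample request lines are all constructed for illustration.

```python
import html
import re
from urllib.parse import unquote

# Plain-text signatures for XSS / SQL injection probes. A naive filter applies
# them to the raw request line only, which is exactly what encoding defeats.
SIGNATURES = {
    "xss": re.compile(r"<\s*script\b|\bon\w+\s*=\s*['\"]?\s*\w", re.I),
    "sqli": re.compile(r"('|\")\s*(or|and)\s+\S+\s*=\s*\S+|union\s+select", re.I),
}

def normalize(value: str, max_rounds: int = 5) -> str:
    """Undo stacked percent-encoding and HTML entities until the text is stable."""
    for _ in range(max_rounds):
        decoded = html.unescape(unquote(value))
        if decoded == value:
            break
        value = decoded
    return value

def classify(raw: str, normalize_first: bool = True) -> list[str]:
    """Return the names of the signatures that match the request line."""
    text = normalize(raw) if normalize_first else raw
    return [name for name, rx in SIGNATURES.items() if rx.search(text)]

# Constructed sample request lines (not taken from the report).
SAMPLE_REQUESTS = [
    "/search?q=shoes",
    "/search?q=<script>alert(1)</script>",
    "/search?q=%3Cscript%3Ealert%281%29%3C%2Fscript%3E",  # percent-encoded
    "/search?q=%253Cscript%253E",                          # double-encoded
    "/login?user=admin%27%20OR%201%3D1",                   # encoded SQLi probe
    "/login?user=admin&#39;%20OR%201=1",                   # HTML entity for the quote
]

def audit(requests: list[str]) -> dict[str, tuple[list[str], list[str]]]:
    """Map each request to (raw-filter hits, normalized-filter hits)."""
    return {r: (classify(r, normalize_first=False), classify(r)) for r in requests}

if __name__ == "__main__":
    for req, (raw_hits, norm_hits) in audit(SAMPLE_REQUESTS).items():
        print(f"{req}\n  raw: {raw_hits or '-'}  normalized: {norm_hits or '-'}")
```

Only the plain `<script>` line is caught by the raw filter; every encoded variant is caught only after normalization, which is why decoding before matching (and logging the decoded form) matters for both WAF rules and log review.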

ScanSafe detected 34 percent more malware last month than it did in all of 2007, according to the report.

Meanwhile, WhiteHat’s report had some good news: For the first time, most of its customers had fixed Website vulnerabilities that had been spotted—66 percent of vulnerabilities on those sites had been remediated, according to the report.

There’s an average of five open vulnerabilities in each Website.

Meanwhile, WhiteHat’s top 10 Website vulnerabilities list now officially includes the potentially lethal cross-site request forgery (CSRF), which Grossman and his team have long been predicting would become an attractive method for attackers. The list—which rates Web vulnerabilities by their likelihood of being present in a Website—has XSS still holding at No. 1 (67 percent), followed by information leakage (41 percent), content spoofing (21 percent), insufficient authorization (18 percent), SQL injection (17 percent), predictable resource location (16 percent), insufficient authentication (12 percent), HTTP response splitting (9 percent), abuse of functionality (8 percent), and CSRF (8 percent).

http://www.darkreading.com/document.asp?doc_id=162515&f_src=darkreading_section_296
