1.888.900.DRIZ (3749)
The Driz Group
  • Managed Services
    • Web Application Security >
      • Schedule WAF Demo
    • Virtual CISO
    • Compliance >
      • SOC1 & SOC2
      • GDPR
    • Third-Party Risk Management
    • Vulnerability Assessment >
      • Free Vulnerability Assessment
  • About us
    • Testimonials
    • Meet The Team
    • Resources
    • In the news
    • Careers
    • Subsidiaries
  • Contact
    • Newsletter
  • How WAF Works
  • Blog
  • Managed Services
    • Web Application Security >
      • Schedule WAF Demo
    • Virtual CISO
    • Compliance >
      • SOC1 & SOC2
      • GDPR
    • Third-Party Risk Management
    • Vulnerability Assessment >
      • Free Vulnerability Assessment
  • About us
    • Testimonials
    • Meet The Team
    • Resources
    • In the news
    • Careers
    • Subsidiaries
  • Contact
    • Newsletter
  • How WAF Works
  • Blog

Cybersecurity Blog

Thought leadership. Threat analysis. Cybersecurity news and alerts.

8/20/2018

0 Comments

Nearly Half of the World’s Top Websites Are Risky to Visit, Study Finds

 
websites risky to visit

Nearly Half of the World’s Top Websites Are Risky to Visit, Study Finds

A new study from Menlo Security showed that almost half of the world’s top websites are risky to visit.

According to Menlo Security'sState of the Web (First Half 2018), 42% or nearly half of the Alexa top 100,000 websites are “risky”. The Menlo Security study considers a website as risky when it falls in one of these three criteria:

  • The website was built on or routinely connects to sites that use software with a known security vulnerability.
  • The website has been used to distribute malicious software (malware) or launch cyberattacks in the past.
  • The website suffered a security breach within the past 12 months.

According to Menlo researchers, the practice of classifying the world’s websites into logical categories is no longer defendable as more than a third of all sites in categories including News and Media, Entertainment and Arts, Shopping and Travel are risky.

Even websites categorized as safe aren’t safe by definition, with 49% of “News and Media” sites falling within Menlo’s criteria as risky, as 45% of Entertainment and Arts, 41% Travel, 40% Personal Sites and Blogs, 39% Society, 39% Business and Economy and 38% Shopping.

3 Variables that Can Put A Website at Risk

Here are 3 variables that can make a website risky:

1. Risks Linked with Background Websites

Menlo researchers found that every time a visitor visits a website, the site calls on average 25 other sites – also as known as background sites – to fetch a content, for instance, a viral video from a content delivery network (CDN) or an advertisement display from an advertisement delivery network.

Every time you visit a website, therefore, you’re not just visiting one website, but 25 sites on average. Any of these background sites could be used by cyberattackers to compromise the main site and eventually website visitors.

An example of a background site which cybercriminals could compromise the main site is through malvertisement, short for malware advertisement. In malvertisement, the advertisement being displayed on the main site could be infected by a malware. If a visitor clicks on a malvertisement, the visitor's computer then becomes infected with a malware.

2. Risks Linked with Use of Active Content

Active content refers to a software that web developers use to produce personalized and dynamic websites. By using software like Flash, active content allows stock tickers to continuously update, and animated images, maps or drop-down boxes to function.

The trade-off with these active contents is that while these contents make websites personalized and dynamic, web developers lose the control in securing the sites as similar to malvertisements, these contents have to be fetched from background sites. These background sites could be compromised and used to deliver a malware.

Adobe Flash, one of the software used for active content, is known to be packed with security loopholes, making this software the favorite tool by cyberattackers. While Adobe tries to make Flash more secure, the product is simply unfortunate enough to rank as one of the most frequently exploited software by cybercriminals.

3. Risk Linked with Use of Vulnerable Web Software

According to Menlo Security, many of today’s top websites and their accompanying background sites run on vulnerable web software.

"Many of the world’s most popular websites run on back-end web servers that are outdated, including some that have not been updated for years or even decades,” Menlo Security said. “This leaves those websites extremely vulnerable to web-borne malware, exposing site visitors to possible infections, incursions, or breaches. Use of outdated server software also threatens any site to which it serves as a ‘background website.’ Simply put, the older the software, the higher the risk.”

Vulnerable web software refers to a software that has been repeatedly attacked over the years. It also refers to a software that has reached its end of mainstream support, including the end of security updates or patches from the software vendor.

Menlo researchers found that many Business and Economy websites still use Microsoft’s IIS version 5 web server, a software that Microsoft stopped providing updates or patches more than 12 years ago.

Microsoft’s IIS version 5 web server has been exploited by cybercriminals in the past. An example of a malware that exploited the security vulnerability in Microsoft’s IIS version 5 web server is the infamous Code Red, a malware that appeared in three versions from July 2001 to August 2001. The first version of this malware defaced webpages and launched a denial of service attack against www.whitehouse.gov.

Code Red, also known as ISS Buffer Overflow vulnerability, allows an attacker to gain full system level access to any server that’s using the Microsoft Internet Information Services (IIS) Web server software. An attacker that exploits the Code Red or ISS Buffer Overflow vulnerability can perform any system level action, including installing malware, adding, changing or deleting files, and manipulating web server content.

Prevention

Here are some of the best practices to the lower the odds of being victimized from risky websites:

If you’re a website owner, make sure that your server runs up-to-date software. Running your company website on Microsoft’s IIS 5 web server, a software that Microsoft no longer supports, is a big security risk for your company. Attackers have been known to exploit computer programs that no longer receive security updates or patches from vendors. To keep your website safe, it’s also important to use technologies that prevent the introduction of malicious code via background sites.

As a website visitor, you can lower your odds of being victimized by a risky website by making sure that your computer programs are up-to-date. It’s also important to avoid vulnerable software like Adobe Flash.

0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Author

    Steve E. Driz, I.S.P., ITCP

    Picture
    View my profile on LinkedIn

    Archives

    March 2023
    February 2023
    January 2023
    December 2022
    June 2022
    May 2022
    February 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    October 2016
    August 2016
    May 2016
    March 2016
    January 2016
    November 2015
    October 2015
    August 2015
    June 2015

    Categories

    All
    0-Day
    2FA
    Access Control
    Advanced Persistent Threat
    AI
    Artificial Intelligence
    ATP
    Awareness Training
    Botnet
    Bots
    Brute Force Attack
    CASL
    Cloud Security
    Compliance
    COVID 19
    COVID-19
    Cryptocurrency
    Cyber Attack
    Cyberattack Surface
    Cyber Awareness
    Cyber Espionage
    Cybersecurity
    Cyber Security
    Cyber Security Consulting
    Cyber Security Insurance
    Cyber Security Risk
    Cyber Security Threats
    Cybersecurity Tips
    Data Breach
    Data Governance
    Data Leak
    Data Leak Prevention
    DDoS
    Email Security
    Fraud
    GDPR
    Hacking
    Impersonation Scams
    IoT
    Malware
    MFA
    Microsoft Office
    Mobile Security
    Network Security Threats
    Phishing Attack
    Privacy
    Ransomware
    Remote Access
    SaaS Security
    Social Engineering
    Supply Chain Attack
    Supply-Chain Attack
    Third-Party Risk
    Virtual CISO
    Vulnerability
    Vulnerability Assessment
    Web Applcation Security
    Web-applcation-security
    Web Application Firewall
    Web Application Protection
    Web Application Security
    Web Protection
    Windows Security
    Zero Trust

    RSS Feed

Picture

1.888.900.DRIZ (3749)

Managed Services

Picture
Web Application Security
​Virtual CISO
Compliance
​Vulnerability Assessment
Free Vulnerability Assessment
Privacy Policy | CASL

About us

Picture
Testimonials
​Meet the Team
​Subsidiaries
​Contact us
​Blog
​
Jobs

Resources & Tools

Picture
​Incident Management Playbook
Sophos authorized partner logo
Picture
© 2023 Driz Group Inc. All rights reserved.
Photo used under Creative Commons from GotCredit