RSS Alerts

Related Links

Related Stories

  • Weekly brief November 9, 2009
    Breaches, Certifications, Charges, Vulnerabilities, and Acquisitions. Infosecurity sums up the past week's news.
  • Blocking access to Web 2.0 in workplace not viable
    Work usage of Web 2.0 services has soared in recent years, but many businesses block access to Web 2.0 sites in the work environment on the basis that these services pose too much of a security risk.
  • Information Security: Read All About It
    Ill news travels quick and far, or so the saying goes. But how well is security-related news covered in the press, and what are people writing about? Danny Bradbury investigates
    Members' Content
  • Trend Micro reports global rise in social networking at work
    A survey of workers in the US, UK, Germany and Japan has revealed that almost a quarter of employees surveyed now visit social networking sites whilst on the corporate IT network.
  • Google responds to report on Android security
    Research just published claims that around 20% of the 50 000-plus apps in the Android operating system market allow third-party software access to on-phone data, meaning that the information could used maliciously by hackers. However, the report is receiving its fair share of criticism.

News

Web 2.0 sites prime hacker target says report

08 May 2009

Web 2.0-driven websites are now a premier target for hackers, amounting to 21% of all reported hacking incidents, according to an IT security report from the Secure Enterprise 2.0 Forum.

According to the Secure Enterprise 2.0 Forum study, Web 2.0 sites are now attacked more frequently than sites operated by the media (18%) and retail businesses (13%).

The most popular attack vectors exploiting Web 2.0 features are SQL injection (21% of attacks) and authentication abuse (18%), says the report.

Interestingly, Infosecurity notes that Cross Site Request Forgery (CSRF) ranks as the sixth most popular attack vector (8%), but it is growing fast according to the study.

Leaking of sensitive information remains the most common outcome of Web hacks (29%), although disinformation is also a problem (26%), largely due to the hacking of online identities of celebrities, the report adds.

According to David Lavenda, vice president of web 2.0 business security software provider WorkLight and a founder of the forum, as Web 2.0 and social media become increasingly popular for both personal and professional use, it is highly likely that hackers will increase their efforts to exploit vulnerabilities.

"This latest report by the forum clearly spells out the need for companies using these tools to implement a comprehensive security strategy and Web 2.0-specific security mechanisms," he says.

The quarterly report also indicates that social networks, wikis, and community blogging services and sites are the most popular social media targets for hackers.
 

 

This article is featured in:
Application Security Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water