By Jennifer Lake – Two newsworthy events illustrated an interesting trend that is reflected in HP DVLabs’ 2010 Top Cyber Security Risks Report. The report, which looks at the vulnerabilities and attacks most prevalent in enterprise in 2010, identified a near 60 percent shift in legacy-focused attacks (like the SQL worm) to http-focused attacks (like LizaMoon) in one calendar year. This finding is one of many that highlight the overwhelming, and continued, rise of attacks against web applications.
- 49 Percent of web applications had at least one critical command execution or SQL Injection vulnerability
- Attacks targeting web servers (HTTP server side) increased nearly 4x over 2010
- Web-based attacks use a combination of several different tactics to release a payload, including denial of service and SQL Injection
- Web exploit toolkits achieve an amazingly high infection rate – even the lowest ranked toolkit has an infection rate of 7.5 percent