CLOUDTWEAKS DEMAND GENERATION

Each year we provide a few highly customized demand generation opportunities to partners and going into our 10th year at CloudTweaks is certainly no different. We are on the lookout for technology vendors to collaborate with on a number of initiatives in 2019. 

Sponsorship opportunities will be available for all budgets and sizes including the (premium) thought leadership exposure program or the webinar, podcast, white paper or explainer video lead generation program. 

cloud security issues

New Report Finds 1 Out Of 3 Sites Are Vulnerable To Malware

1 Out Of 3 Sites Are Vulnerable To Malware

A new report published this morning by Menlo Security has alarmingly suggested that at least a third of the top 1,000,000 websites in the world are at risk of being infected by malware. While it’s worth prefacing the findings with the fact Menlo used Alexa to compile the list of the top million – a ranking site which is notoriously flawed with spammers and companies paying to have their own numbers inflated – it is still a worrying trend.

Although the use of the Alexa data might be questionable, the Menlo study’s methodology was sound. They scanned 1.75 million URLs before checking each one against third party classification systems to see if it was reported as malicious, checking IP addresses against a reputation database, and issuing a web request to each URL so they could fingerprint the response and determine what software was in use. The results are astounding – the report found one in five sites are running software with known vulnerabilities, and one in twenty sites were identified by 3rd-party domain classification services as serving malware or spam, or are part of a botnet.

risks-alexa-security

The report claims that its findings prove that the concept of a ‘trusted’ site is a fallacy – with a billion websites already online and an extra 100,000 being added every day, companies’ websites are now being threatened by other sites that are out of their control. They use the example of the recent Forbes.com hacking, which saw attackers exploit a WordPress vulnerability to insert malicious code into the site that was then delivered via the ‘trusted site’ for an unspecified amount of time – possibly months.

Menlo Security’s CTO, Kowsik Guruswamy, had the following to say: “Vulnerable servers (like in Forbes, James Oliver, etc.) are being exploited by cyber criminals as a launching pad for delivering malware to unsuspecting end users. If anything, this act is trending higher. As SSL on the Internet becomes more prevalent, enterprises are going to face a much higher risk. This is partly because most enterprises, for privacy reasons, don’t inspect SSL traffic and this is an easy channel for malware to ride on without getting noticed.

The Worst Offenders

So which sites and sectors can you trust? Unsurprisingly, the worst offenders in the report were sites labelled as “Hate and Intolerance”, with sites that promoted content about violence and child abuse showing vulnerability rates of almost 35 percent. In the regular web, the report noted concern about the number of sites in typically trusted sectors that showed vulnerabilities; for example transport, health, and medicine sites had a rate of 20 percent, while tech sites and business sites both exhibited around 18 percent rates.

What is the solution? We’ve already see more than $70 billion spent on cyber security tools in 2014, yet somehow malware always manages to stay one step ahead. Menlo argue that the incident similar to the Forbes hack will become increasingly common until someone addresses the source of the problem by developing a new tool that can completely stop all web attacks before they reach their target, rather than just investing in new tools that do a better job of detecting infected systems and limiting the impacts of security breaches.

What do you think? Is Menlo’s report accurate? How do you envisage the future of cybersecurity? Let us know in the comments below.

By Daniel Price

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services.

Contact us for a list of our leading brand and thought leadership exposure programs.

RESOURCES

Data Vulnerability Tools

Data Vulnerability Tools

Provided is a list of popular data vulnerability tools to help your company keep an eye out for any security related exploits that you should be made aware of ...
Cloud Migration – 10 ‘Do it Right’ Tips

Cloud Migration – 10 ‘Do it Right’ Tips

Cloud Migration Tips Businesses continue to adopt the cloud at break neck speed. Inherent benefits like lower operational costs, no infrastructure overheads, and quick access to better technology make cloud a very attractive proposition for businesses, especially start-ups and SMEs ...
real time hacking attacks

Live Real Time Hacking and Ransomware Tracking Maps Online

Real Time Hacking Attacks We've recently covered a few real time hacking maps but have decided to extend the list based on the recent ransomware activities with some additional real time hacking attack and ransomware tracking maps. Ransomware refers to malicious ...
Top 50 Cloud Hosting Services

Top 50 Cloud Hosting Services

The methodology behind our top 50 cloud list is based on several years of experience understanding and following who the key players are in the industry. Click to review the current top 50 and stay tuned for future discussion ...
Network Management Software Buyer Guide 2018

Network Management Software Buyer Guide 2018

This concise data-driven report covers the Network Management software landscape, as of August 2018. he 24-page report includes: Market Overview - Top 10 Network Management products in 2018, User reviews and vendor size data, In-depth look at the Top 3 ...

CONTRIBUTORS

Infosec thought leaders

Cryptocurrencies and Ransomware: How VDI Can Help Defend Against the Next Ransomware Attack

Cryptocurrencies and Ransomware The WannaCry ransomware made headlines back in May when it crippled hospitals across the UK and put ...
Want to dip your toe into the cloud? Challenges of a Large Migration

Want to dip your toe into the cloud? Challenges of a Large Migration

Challenges of a Large Migration Migrating to the cloud can be a daunting task. First you have to go through ...
Cloud’s Mighty Role - Why Custom Development is the Next Big Thing (Again)

Cloud’s Mighty Role – Why Custom Development is the Next Big Thing (Again)

Custom Development is the Next Big Thing Today, software is playing a very important role in performing basic business processes ...
How to Transform Your Operating Model for the Cloud

How to Transform Your Operating Model for the Cloud

Transform Your Operating Model It can be tough for established organizations to embrace change, so when they start working with ...
Rainmaking From The Cloud - CIOs Struggle To Keep Pace With IT Demands

Rainmaking From The Cloud – CIOs Struggle To Keep Pace With IT Demands

Rainmaking from the Cloud In the digital era, where customers can select virtually anything with a click of a button, ...
Istio 1.0: Making It Easier To Develop and Deploy Microservices

Istio 1.0: Making It Easier To Develop and Deploy Microservices

With the recent availability of Istio 1.0 it is not surprising that it continues to capture much attention from the ...
Legal Tech - How to Create Long-Term Growth for Your Practice

Legal Tech – How to Create Long-Term Growth for Your Practice

Legal Tech Your Practice Your law firm is a business. Like all businesses, growth and profitability is paramount. You want ...