Locks and Security News: your weekly locks and security industry newsletter
25th March 2020 Issue no. 500
Your industry news - first
We strongly recommend viewing Locks and Security News full size in your web browser. Click our masthead above to visit our website version.
Cross-Site Scripting (XSS) made nearly 40% of all cyber attacks in 2019
Cyber-attacks have targeted nearly 75 percent of large companies across Europe and North America over the last twelve months. According to PreciseSecurity.com research, almost 40 percent of all cyber-attacks in 2019 was performed by using cross-site scripting, which is hackers' favorite attack vector globally.
Cross-site scripting or XSS is a type of injection attack, in which malicious scripts are injected into trusted websites. Most of the XSS attacks are performed by using a web application to send malicious code, mostly in the form of a browser side script, to a different end-user. The statistics show SQL injection is the second most used attack vector globally, followed by fuzzing.
However, the 2019 surveys revealed some interesting facts about the global hacker's reasons for choosing the company to hack. Nearly 60 percent of them named the challenge and the opportunity to learn as the primary reason for doing cyber-attacks. Forty percent of hackers perform the attacks because they simply like the company, while 36 percent of them want to test the security team's responsiveness.
With 72.3 percent of all cyber-attacks happening on the websites, the 2019 data indicates this is the hackers' favorite platform to perform attacks globally. Because of its massive user-base, WordPress is one of the prime targets of hackers, and 98 percent of WP platform vulnerabilities are related to plugins.
An application program interface (API) is the second most targeted platform with a 6.8 percent share in the global hacking incidents list. The statistics show that around 7 percent of hackers choose Android mobile and operating systems for performing attacks. Attacks aiming at downloadable software and the Internet make only 3.9 percent of all hacking incidents globally.
The full story can be read here:
19th February 2020