Post by account_disabled on Feb 24, 2024 0:46:53 GMT -5
CMS are more or less vulnerable and subject to malicious operations that can compromise the functioning of websites. An analysis of web threats, with particular attention to CMS, was conducted by Sucuri , a leading company in the IT security sector. The report describes in detail the trends and types of cyber attacks that most frequently affected CMS during 2022. Content index: The most vulnerable CMS The most frequent infections in 2022 Cyber attacks: some data on 2022 The most vulnerable CMS The study highlighted that 50.58% of all CMS applications were obsolete at the time of infection.
This is mostly attributable to the failure to update the CMS. Specifically, 49.8% of WordPress Qatar Mobile Number List installations were outdated and 36% of all compromised websites included at least 1 vulnerable plugin or theme. This data highlights the importance of making updates and applying security patches when available, mitigating bug risks and reducing the attack surface. The data revealed that WordPress, by far the most popular CMS, accounted for 96.2% of infections in 2022 . Followed by Joomla (1.9%) and Magento (0.7%). However, the automatic updating introduced by WordPress has had a beneficial effect. The most frequent infections in 2022 Throughout 2022, malware operated by injecting malicious JavaScript and PHP scripts to redirect visitors to scam or spam websites, steal login credentials, or deliver drive-by downloads.
For example, in 2022 alone, over 141,000 websites scanned by SiteCheck were found to be infected with malicious variants of a campaign targeting vulnerable WordPress components. SocGholish has also been successful: also known as a "fake browser update" infection, once this malware enters compromised sites, users who visit the related pages will be greeted with a credible browser update request which will result in malicious drive-by-download. Unsuspecting users who download these files are unknowingly opening the door to a Trojan that will be used to carry out a ransomware attack. cms malware 2022 The theft of credit card data used for online purchases also took center stage in 2022: in this case, 2.3% of e-commerce sites contained a credit card skimmer. In particular, targeted actions were detected affecting a large number of online stores running WooCommerce.
This is mostly attributable to the failure to update the CMS. Specifically, 49.8% of WordPress Qatar Mobile Number List installations were outdated and 36% of all compromised websites included at least 1 vulnerable plugin or theme. This data highlights the importance of making updates and applying security patches when available, mitigating bug risks and reducing the attack surface. The data revealed that WordPress, by far the most popular CMS, accounted for 96.2% of infections in 2022 . Followed by Joomla (1.9%) and Magento (0.7%). However, the automatic updating introduced by WordPress has had a beneficial effect. The most frequent infections in 2022 Throughout 2022, malware operated by injecting malicious JavaScript and PHP scripts to redirect visitors to scam or spam websites, steal login credentials, or deliver drive-by downloads.
For example, in 2022 alone, over 141,000 websites scanned by SiteCheck were found to be infected with malicious variants of a campaign targeting vulnerable WordPress components. SocGholish has also been successful: also known as a "fake browser update" infection, once this malware enters compromised sites, users who visit the related pages will be greeted with a credible browser update request which will result in malicious drive-by-download. Unsuspecting users who download these files are unknowingly opening the door to a Trojan that will be used to carry out a ransomware attack. cms malware 2022 The theft of credit card data used for online purchases also took center stage in 2022: in this case, 2.3% of e-commerce sites contained a credit card skimmer. In particular, targeted actions were detected affecting a large number of online stores running WooCommerce.