A report from DVLabs states that hackers are using prepackaged exploits to attack sites simultaneously, and the content management systems (CMS) on many sites have not been updated to protect them from such attacks.
Not surprisingly, almost half of the known software vulnerabilities today are in web apps. That hasn’t changed for about 5 years, but the sheer number of attacks which exploit those apps is steadily growing.
HP Digital Vaccine Labs’ (DVLabs) 2010 Top Cyber Security Risks Report released the report early this week, and stated that the increase was due to the availability of botnet-based “attack toolkits” that use known vulnerabilities to access and control PCs so they can aquire financial information. Exploits against open source management systems such as WordPress, Joomla! and Drupal are also on the rise not because they have not been updated, but because updates have not been applied on many servers.