Nearly half of the world’s top one million websites are vulnerable to malware, turning browsing into a security minefield for users, according to new research from Menlo Security.
According to a new study of the top one million domains, 46 percent are running vulnerable software, are known phishing sites, or have had a security breach in the past twelve months.
The big problem is that even when a website is managed by a careful company, it will often load content from other sites, said Kowsik Guruswamy, CTO at Menlo Park, Calif.-based Menlo Security, which sponsored the report, which was released this morning.
Nearly half (46%) of the Alexa top one million websites were found to be risky, putting businesses at risk as their users visits these sites.
The finding is part of a new report published by Menlo Security entitled "State of the Web 2016: Quantifying Today's Internet Risk," where researchers examined key characteristics of the top one million websites, as ranked by Alexa, to determine sources of risk.
Menlo Security Releases State of The Web 2016 Illuminating Widespread Vulnerability
MENLO PARK, Calif. Dec. 13, 2016 – Menlo Security, a pioneer of malware isolation, today announced the availability of its State of The Web 2016 report. The surprising results reveal that nearly half (46%) of the Internet’s top 1 million web sites, as ranked by Alexa, are risky. This is largely due to vulnerable software running on web servers and on underlying ad network domains. The results are significant because risky sites have never been easier to exploit, and traditional security products fail to provide adequate protection. Attackers have their veritable choice of half the web to exploit, allowing them to launch phishing attacks from legitimate sites.
Amir Ben-Efraim's cybersecurity startup Menlo Security was only a year old when he reached out to JPMorgan Chase, telling it how the 30-employee Menlo could help it deal with malware and phishing attacks.
Within a couple of weeks, Menlo was in discussions with the heads of cyberengineering at JPMorgan, talking about what types of controls and other specifications would need to be in place before the megabank could test Menlo's technology.
This year's SINET 16 Innovators were chosen from 82 applicants representing nine countries. The Security Innovation Network (SINET) has shared the results of its annual SINET 16 competition created to discover the most innovative cybersecurity companies.
Brazil puts concerns over cyber-attacks at number 23 despite hosting the Olympic games, whereas the US, Germany and Japan put cyber-attacks at number one - hence extensive cyber-crime is expected during the games.
MSIP is set to become a key component of Fujitsu's Global Management Security Service, using isolation as the central point of its cyber security protection.
The RSA 2016 Innovations Sandbox competition highlights the top security startups, but only one will be awarded title of 'RSA Conference 2016's Most Innovative Startup'.
Oracle on Wednesday announced specific plans to kill the Java browser plugin and has advised users to start migrating to other technologies.
Malware that can be used across platforms gives cyber criminals more targets to attack