Without a doubt one of the most important sources of malware entry on the net is simply when browsing pages. We may come across a site that has been maliciously modified or has suffered an attack and may affect the safety of visitors. The methods are very diverse. In this article we echo a story that alerts about how 99% of websites are vulnerable to attacks via JavaScript plugins.
Almost all websites are vulnerable to JavaScript plugins
This is a new study that has found that an average website has 32 different third-party JavaScript programs. We are talking about a large number of plugins that could be exploited and leave the web exposed to Magecart, formjacking and other threats. They could, for example, allow the theft of bank cards.
This report has been presented by Tala Security . They claim that these types of attacks are based on vulnerabilities present in JavaScript and that they are executed on 99% of websites. We could practically say that all the sites on the net. Of course, 30% of the analyzed sites implemented new security measures to counter this problem.
However, the alarming fact is that they only found that 1.1% of websites had really effective security. This also represents a decrease of 11% compared to the previous year.
Security researchers claim that attackers play an advantage by not encountering truly effective resistance. They can access sites that have exploitable vulnerabilities that are not really protected as they should.
Without controls, most sites can be a threat
They also indicate that without effective controls, most websites could pose a security threat. Every piece of code that is executed could result in an attacker being able to modify, steal, or filter information using client-side attacks executed by JavaScript .
Keep in mind that in many cases these attacks, this data leak, is carried out through legitimate applications that are whitelisted. This occurs without the knowledge of the owner of that website.
To carry out this report, they have analyzed the first 1,000 websites in the Alexa ranking . As we have indicated, on average each of them uses 32 JavaScript programs or plugins.
As we say, when browsing the Internet we can run into multiple threats that in one way or another can compromise our security and privacy. That is why we must always take precautions not to see how our equipment is damaged. We leave you an article where we explain some tips to surf the web with privacy.
If we protect our computers, if we use security tools and keep our systems updated, we will be able to face many threats. However on many other occasions the problem is in the mistakes we make. Therefore, common sense is also essential and must always be present.