Sophos Security Threat Report, July 2008

SophosLabs has issued the July 2008 edition of its regular Security Threat Report, this time looking at the first six months of the year.

One of the major themes of the year has been the increase in web-based malware threats, in particular SQL injection attacks, with the labs discovering some 16,173 new infected webpages every day – one every five seconds.

What has surprised some people is that some 90% of the infected pages are on legitimate sites that have been hacked. Whereas in the past it was possible to tell people to avoid “shady” areas of the web (pornography, gambling, warez), that really doesn’t work anymore. The message should be loud and clear – websites big and small, well-known and obscure, can be a risk to unprotected users.

A lot of the media coverage for the report has focused on a tiny part of it: our statistic showing that 2% of the malware is…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.