Web Attack Trend
Websites, which enterprises or individuals use to provide services for users, are usually the first choice of hackers during attacks. Web attacks in 2019 clung to traditional patterns and methods, including server information disclosure, resource leeching, cross-origin resource sharing (CORS), SQL injection, and cookie poisoning, which together accounted for 89% of web attacks. Given their high popularity, these traditional methods will continue to be a top concern for defenders.
Compared with the previous year, 2019 was a stable year for web framework/middleware attacks, though attacks targeting the ThinkPHP framework did rise significantly as a result of multiple vulnerabilities reported in mainstream 3.x and 5.x versions. This year, no new high-risk vulnerabilities were reported in Apache Struts 2. However, as this framework contains a lot of legacy vulnerabilities, it still suffered the most attacks in the past year, ranking No. 1 for three straight years on the list of
web frameworks under attack. Mainstream web middleware, including Apache Tomcat, Microsoft IIS, and Oracle WebLogic Server, was still frequently attacked. This is because these products have a large installed base and carry a great number of applications, thus becoming a magnet to hackers, who are poised to exploit any vulnerabilities disclosed.
To be continued.