SOURCE: Menlo Security

Menlo Security

March 24, 2015 06:00 ET

Menlo Security Finds High Risk in Trusted Websites

"State of the Web 2015: Vulnerability Report" Identifies One in Three Top Alexa Websites as Risky

MENLO PARK, CA--(Marketwired - Mar 24, 2015) -   Stealth cybersecurity company, Menlo Security, today released its "State of the Web 2015: Vulnerability Report." Based on a direct interrogation and analysis of the Alexa top one million sites, Menlo Security found that more than one in three of the top domains are risky -- meaning the sites are either already compromised or running vulnerable software -- increasing exposure to attack for anyone visiting those sites.

In 2014, businesses lost nearly $400 billion as a result of cyber crime. As attacks become increasingly sophisticated, even browsing trusted websites and clicking on links in emails have the potential to cause significant damage and compromise devices. With more than one billion websites on the Internet and over 100,000 websites created daily, the risk from vulnerable sites is multiplying.

In total, Menlo Security scanned more than 1.75 million URLs representing over 750,000 unique domains. Key findings include:

  • More than one in 20 sites (6 percent) were identified by third-party domain classification services as serving malware, spam or botnets.
  • Over one in five (21 percent) sites were running software with known vulnerabilities.
  • Sites in categories that are typically "trusted" -- including Computers and Technology, Business, and Shopping -- were the top three sources of vulnerable sites.
  • Of the 2.5 percent of sites that were "uncategorized," a significant proportion (16 percent) was running vulnerable software.

"Respected and trusted websites like Forbes.com and jamieoliver.com have been used to deliver zero-day malware to unsuspecting visitors. These kinds of attacks are happening with increasing frequency because so many sites are running vulnerable software but are routinely classified as 'safe,'" said Kowsik Guruswamy, CTO of Menlo Security. "The current generation of security tools is falling behind in the race to stop attacks. Today's security challenges call for an entirely new approach to preventing malware from infecting user's systems."

To read Menlo Security's State of the Web 2015: Vulnerability Report visit: http://menlosecurity.com/resources/Vulnerability_Report_Mar_2015.html

Additional Resources:

  • Follow Menlo Security on Twitter
  • Follow Menlo Security on LinkedIn
  • Learn more about Menlo Security's beta program here

About Menlo Security
Menlo Security, a stealth cyber security startup, is eliminating the threat of advanced malware by introducing a new security model. The company's solution is currently used by some of the world's largest enterprises. Menlo Security was founded by experienced security executives from Check Point Software and Juniper Networks, in collaboration with renowned academics from the University of California, Berkeley. Backed by General Catalyst Partners and Osage University Partners, Menlo Security is headquartered in Menlo Park, California. Visit www.menlosecurity.com.

Contact Information

  • Media Contact
    Michelle Dailey
    LEWIS PR for Menlo Security
    Email Contact
    415-432-2458