Home Report: The 3 Biggest Enterprise Website Malware Vulnerabilities

Report: The 3 Biggest Enterprise Website Malware Vulnerabilities

A white paper released today by malware monitoring company Dasient identifies third party elements beyond the control of company webmasters as the biggest security holes in most enterprise web sites. Specifically, Dasient identifies third party JavaScript widgets, advertising and web applications as the biggest liabilities.

Malware certainly isn’t new to the web, but according to data compiled by Microsoft and Websense and cited by Dasient, daily malware infection have been growing rapidly over the past few years.

Third-party Widgets

By widgets, Dasient is referring to traffic analytics, embedded video, polls, and other JavaScript based apps that connect to third party web sites. The more of these widgets a website employs, the more opportunity there is for malware to find its way onto a site. Even legitimate service providers can be compromised. According to Dasient, 75% of websites use external JavaScript widgets.

Third-party Advertising

The highest profile case of “malvertising” was last year’s New York Times ad hijack. Hackers posed as a legitimate national advertiser placed an innocuous ad for a week, then switched it out for a malware propagating fake antivirus ad. Dasient says 42% of websites display external advertisements.

Third-party applications

Help desk, forums, CRM, CMS and other externally facing web applications can all be exploited, especially if they’re not properly patched. The report sites a whopping 91% of websites have some outdated web applications.

About Dasient

Dasient, founded by former Google engineers Neil Daswani and Shariq Rizvi and former McKinsey strategy consultant Ameet Ranadive, offers malware risk assessment, monitoring and removal services. In addition to various paid services, the company offers a free monitoring tool to notify web masters if their site has been blacklisted. We previously covered Dasient here.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.