Cybercriminals targeting web applications have grown more reliant on automated tools as nearly 20 percent of the attacks detected were fuzzing attacks, trying to find the points at which applications break to exploit, a report said on Wednesday. Fuzzing is the usually automated process of finding hackable software bugs by randomly feeding different permutations of data into a target program until one of those permutations reveals a vulnerability.
The cloud-enabled security solutions provider Barracuda Networks that analyzed a sample of two months of blocked data on web application attacks in the month of November and December found that the top five attacks using automated tools were fuzzing attacks, injection attacks, fake bots, App Distributed Network Attacks(DDoS and blocked bots. “While analyzing the current state of encryption, our researchers identified that even though it can prevent a variety of attacks like man-in-the-middle, and provides one layer of protection for users visiting websites, attacks can still occur within the stream,” Murali Urs, Country Manager-India, Barracuda Networks, said in a statement.
After fuzzing attacks, injection attacks were the next at about 12 percent, and most of the attackers were using automated tools like sql-map to try getting into the applications. Automated attacks use bots to try to exploit vulnerabilities in web applications. These attacks can range from fake bots posing as Google bots to avoid detection to application Distributed Network Attacks trying to crash a site by subtly overloading the application, the report said.
4 diamond rings robbed from a jewelry store in Lucknow
Groom ran away from marriage ceremony, bride did this work
Pawan executioner says about hanging of Shabnam 'just waiting for date'