“It’s no surprise that the majority of these attacks are web-based — every website is different and written by different developers with different skill sets. There is a wide range of different frameworks across a multitude of languages with various components that all have their advantages and drawbacks. Combine this with the fact that not all developers are security gurus, and you’ve got an incredibly alluring target,” says Shawn Smith, Director of Infrastructure at nVisium.“

Web servers are one of the most common services to expose to the internet because most of the world interacts with the internet through websites. There are other areas exposed — like FTP or IRC servers — but the vast majority of the world uses websites as their main contact point to the internet. As a result, this is where attackers will focus on getting the biggest return on investment for their time spent.”

Read the entire article here!