In the month of September, there was a 40-percent increase in total cyberattacks compared to August, according to a Contrast Labs September 2019 AppSec Intelligence Report.
The three most common attack types in September:
SQL Injection: Carefully crafted inputs alter the SQL queries an application uses in order to steal data or execute code.
Cross-Site Scripting (XSS): XSS attacks inject malicious scripts into benign and trusted websites.
Path Traversal: Attacks fool a web application into reading, and consequently exposing, the contents of files outside the document root directory of the application or the web server.
Key findings include:
Custom Code Vulnerabilities: Applications had an average of six open, serious vulnerabilities in September.
Top Vulnerabilities by Code Language: Injection vulnerabilities dominated in September. Cross-Site Scripting was the most prevalent serious vulnerability for Java applications and in the top three for .NET and Node applications. SQL Injection and Command Injection vulnerabilities were the most common for .NET and Node applications, respectively.
Custom Code Attacks: Attacks on custom code continued to dominate, making up 99 percent of attacks. The top attacks on CVEs were CVE-2017-5638, CVE-2010-4467, and CVE-2017-9791. SQL Injection, Cross-Site Scripting, and Path Traversal attacks, the top attacks on custom code, each targeted 55 percent of applications.
Top Attack Vectors by Language: Injection attacks continued to dominate, with Java applications targeted by the highest number of Command Injection attacks and .NET applications targeted by the highest number of SQL Injection attacks.
Attacks By Geolocation
September saw attacks from 119 countries. The greatest number of attacks originated from the United States, India, the Netherlands, Canada, and the UK.
This report summarises data from attacks that Contrast Security observed over the previous months and highlights the key trends found.