{"id":10499,"date":"2013-02-06T14:15:24","date_gmt":"2013-02-06T22:15:24","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=10499"},"modified":"2013-04-03T12:01:12","modified_gmt":"2013-04-03T19:01:12","slug":"ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/","title":{"rendered":"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits"},"content":{"rendered":"<p>A recent annual report from Cisco highlights something that&#8217;s pretty obvious to anyone who&#8217;s been paying attention to malware statistics over the last several years:\u00a0<a href=\"http:\/\/news.yahoo.com\/mainstream-websites-more-likely-harbor-malware-201142450.html\">ads are one of the biggest sources of malicious content<\/a> on the web. It\u2019s not that hard to sneak a bad ad into one of these ad-syndicate networks, which will then be distributed to a number of otherwise-innocent websites.<\/p>\n<p>These can be tricky to diagnose, as reports from customers may be difficult to reproduce \u2013 all your ad stars must align perfectly in order to see where exactly the bad code element originated. This can lead to a host of issues like <a href=\"http:\/\/www.technewsdaily.com\/16731-ad-malware-block.html\">what happened with Netseer\u2019s ad network<\/a> over the last few days. In that case, there was a legitimate problem, but because of an overly broad warning people were getting malware alerts about websites that were not necessarily serving malicious ads.<\/p>\n<p>Of these online attacks, the vast majority (around 80% throughout the year) used Java vulnerabilities to get their malicious actions done. This shows clearly what security people have been saying for years: Java is a huge boon for cybercriminals. It&#8217;s cross-platform and full of holes, and updates come fairly slowly unless a vulnerability reaches a high level of prevalence. Even then, people are not updating in a timely fashion. Many of the samples Cisco saw throughout the year contained vulnerabilities for multiple applications (such as Flash or PDF), but the Java vulnerabilities were much more successful. With Oracle&#8217;s promise of a major overhaul of Java, it will be interesting to see what the statistics for 2013 show about their success.<\/p>\n<p>Here&#8217;s <a href=\"http:\/\/us.lrd.yahoo.com\/_ylt=Ah10X8CRR8guhF75bT1Z_tQAQF1H;_ylu=X3oDMTI1aXJjaDJmBG1pdANDeFMgQ29tbW9uIEFydGljbGUgQXJ0aWNsZUJvZHkEcG9zAzIEc2VjA01lZGlhQXJ0aWNsZUJvZHlBc3NlbWJseQ--;_ylg=X3oDMTM3ZWY5Ym5pBGludGwDdXMEbGFuZwNlbi11cwRwc3RhaWQDY2Y4M2IxOTQtYTBhZi0zNjNiLTg1MGEtNDA5YTkxMTg0MmQzBHBzdGNhdANob21lfGVudGVycHJpc2V8bmV3cwRwdANzdG9yeXBhZ2U-;_ylv=0\/SIG=12rg4ik9c\/EXP=1361396027\/**http%3A\/\/www.cisco.com\/en\/US\/prod\/vpndevc\/2013-annual-security-report.pdf\">Cisco&#8217;s 2013 report<\/a> in its entirety.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A recent annual report from Cisco highlights something that&#8217;s pretty obvious to anyone who&#8217;s been paying attention to malware statistics over the last several years:\u00a0ads are one of the biggest sources of malicious content on the web. It\u2019s not that hard to sneak a bad ad into one of these ad-syndicate networks, which will then [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":10521,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[75,86,143],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"A recent annual report from Cisco highlights something that&#039;s pretty obvious to anyone who&#039;s been paying attention to malware statistics over the last\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"A recent annual report from Cisco highlights something that&#039;s pretty obvious to anyone who&#039;s been paying attention to malware statistics over the last\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2013-02-06T22:15:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2013-04-03T19:01:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lysa Myers\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg\",\"width\":\"400\",\"height\":\"260\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/\",\"name\":\"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#primaryimage\"},\"datePublished\":\"2013-02-06T22:15:24+00:00\",\"dateModified\":\"2013-04-03T19:01:12+00:00\",\"description\":\"A recent annual report from Cisco highlights something that's pretty obvious to anyone who's been paying attention to malware statistics over the last\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a\"},\"headline\":\"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits\",\"datePublished\":\"2013-02-06T22:15:24+00:00\",\"dateModified\":\"2013-04-03T19:01:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#webpage\"},\"wordCount\":286,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg\",\"keywords\":[\"Java\",\"Malware\",\"Vulnerabilities\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a\",\"name\":\"Lysa Myers\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g\",\"caption\":\"Lysa Myers\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/lysam\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"A recent annual report from Cisco highlights something that's pretty obvious to anyone who's been paying attention to malware statistics over the last","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/","og_locale":"en_US","og_type":"article","og_title":"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits - The Mac Security Blog","og_description":"A recent annual report from Cisco highlights something that's pretty obvious to anyone who's been paying attention to malware statistics over the last","og_url":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/","og_site_name":"The Mac Security Blog","article_published_time":"2013-02-06T22:15:24+00:00","article_modified_time":"2013-04-03T19:01:12+00:00","og_image":[{"width":"400","height":"260","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Lysa Myers","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg","width":"400","height":"260"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/","name":"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#primaryimage"},"datePublished":"2013-02-06T22:15:24+00:00","dateModified":"2013-04-03T19:01:12+00:00","description":"A recent annual report from Cisco highlights something that's pretty obvious to anyone who's been paying attention to malware statistics over the last","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a"},"headline":"Ads are a Huge Source of Malicious Content; Java Vulnerabilities Behind 80% of the Exploits","datePublished":"2013-02-06T22:15:24+00:00","dateModified":"2013-04-03T19:01:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#webpage"},"wordCount":286,"commentCount":1,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg","keywords":["Java","Malware","Vulnerabilities"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/ads-huge-source-of-malicious-content-java-vulnerabilities-behind-80-percent-of-exploits\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a","name":"Lysa Myers","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g","caption":"Lysa Myers"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/lysam\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/02\/chrome-malware-thumb.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-2Jl","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10499"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=10499"}],"version-history":[{"count":11,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10499\/revisions"}],"predecessor-version":[{"id":13143,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10499\/revisions\/13143"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/10521"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=10499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=10499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=10499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}