Cisco recently published its 2013 Annual Security Report [PDF file], which states that the highest concentration of online security threats target legitimate Web sites rather than pornography, pharmeutical or gambling sites -- online shopping sites are 21 times more likely to deliver malware than counterfeit software sites, and online advertisements are 182 times more likely to deliver malware than pornography.

"Cisco's analysis indicates that the vast majority of Web malware encounters actually occur via legitimate browsing of mainstream websites," the report states. "In other words, the majority of encounters happen in the places that online users visit the most -- and think are safe."

"Compromised websites hosting malicious Java and iFrame attacks and other malware far and away outpaces all other delivery vectors for malware, Cisco’s report said. ... Infecting benign sites with malware remains at the heart of malware propagation as attackers continue to find great success delivering malware over infected banner ads on Websites, malicious media files or redirects via iFrame," writes Threatpost's Michael Mimoso.


"Not surprisingly, Cisco attributed the shift of malware toward mainstream sites and banner ads as an attempt by cybercriminals to target the pockets of the web that attract the largest and most active audiences," writes Network World's Colin Neagle.