Yuriy Shabalin, Lead Architect of Swordfish Security, said that more than a third, up to 40%, of applications and
The expert emphasized that the problem lies inpotentially dangerous open source code. Critical vulnerabilities are contained in libraries - sets of source code, thanks to which cybercriminals can execute the malicious code they need on the side of the company's server and even completely paralyze its work.
Among the dangers - a complete failure to workany web service, infrastructure compromise and shutdown of a large organization. In addition, experts have found fragments of open source code that provide the author with unauthorized access to users' cryptocurrency wallets.
During the study, 300 projects were analyzed, both mobile applications, programs for computers, and services. But experts found the greatest number of problems with web services.
“Such dangerous weaknesses potentially openopportunities for attackers to carry out attacks. For example, a number of critical vulnerabilities contained in libraries allow the execution of arbitrary code on the server side, which can lead to its complete compromise and make it possible to get into the organization's network,” Yury Shabalin explained.