There’s a report out about phishing attacks on LAMP servers.
“The most frequently attacked operating system among survey respondents was Linux OS (76%). Attack victims reported that they used Apache as their web server in 81 percent of the responses, MySQL as their database application in 81 percent of the responses, and PHP/Java as their application platform in 82 percent of responses.
While we acknowledge that â€•LAMPâ€–â€”Linux, Apache, MySQL, PHPâ€”is the most popular web operating environment, the APWG IPC is concerned that this profile is exploited with such apparent frequency. “
Let’s see… they investigated 270 attacks on 203 million sites and they are concerned about the frequency of attacks on LAMP sites… Hmmm. That other OS runs 18% of sites and gets 19% of the attacks reported…
Let’s define frequency folks… How about a one in 851000 chance of a LAMP site being attacked by phishers and reporting the attack? I like those odds. How about all of the sites that did not report phishing details? Think any of them were using closed-source software?