An interesting nugget of research from Zscaler suggests that many blacklisted sites were fine until someone hijacked them. In an email, the cloud security company says senior security researcher Julien Sobrier ran a Google Safe Browsing blacklist against the top one million websites (based on number of visits, as reported by Alexa) and found that 621 of them were blacklisted. He took a closer look at the most popular among those to understand why they were blacklisted, and found that most of them were not malicious by nature, but had been hijacked — malicious JavaScript or iFrames being the general culprit. “It is interesting to notice that Google decided to blacklist the infected site, rather than just blocking the external domain hosting the malicious content,” Sobrier wrote. He also broke down those blacklisted domains by country, finding that 46 percent are hosted in the U.S., while Europe (especially Germany, France and the Netherlands) is number two at 9 percent collectively, followed by China at 8 percent. “No site is safe from hijacking,” Sobrier added. “Personal websites and top-10,000 sites are all likely to be infected at some point.” Read Sobrier’s blog post on the subject here. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe