In 2008, criminals moved from email (spam, viruses) to sophisticated web-based attacks. Targeting weaknesses in server-based applications such as blogging tools and client-side browser plug-ins, including Flash, has allowed malware to be installed when users simply visit a web page.
