Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

SonicWALL Records Spam Spike

Email security statistics compiled by SonicWall indicate that spam volumes rose in first quarter 2007

MUMBAI, India -- Email security statistics compiled by SonicWALL, Inc. (NASDAQ: SNWL), the world leader in security appliances, indicate that spam volumes rose by 44.29% in Q1 2007 from Q4 2006. Overall junk email which includes spam, phishing, viruses, Directory Harvest and similar types of attacks rose 24.46% over the same period. The results were based on aggregated results from the SonicWALL Smartlab and were factored for the 28.9% increase due to new SonicWALL Email Security customer installations during the reporting period.

Directory Harvest Attacks continue to make up the bulk of junk email in the first quarter of 2007 at 57.99%, but this is down from the fourth quarter of 2006 at 63.52%. Good email rose slightly from 5.84% in Q4 to 6.83% in Q1. Phishing attacks continued to rise, but were still less than 1% of overall email in Q1. A spike in phishing attacks occurred in mid-January, mirroring similar patterns from previous years, as consumers were sorting through their holiday bills and phishers attempted to take advantage of the seasonally high level of credit card activity.

SonicWALL continues to observe waves in the quarterly data that reflect familiar signs of the malware economy in action: Directory Harvest attacks to obtain email addresses, virus attacks to enlist zombie machines as part of a botnet, and spam or phishing attacks to cash in. For example, in late January a temporary rise in Directory Harvest attacks of 15% was detected. This was followed in early February by a brief rise in virus emails of 12%. In mid-February there was a rise of 28% in phishing emails, including the highest-volume phishing day of the quarter on February 12th.

"We see no signs that the avalanche of junk email is abating," said Gleb Budman, senior director of Email Security at SonicWALL. "Junk email was up dramatically in 2006 and has risen 24% just in the first 3 months of this year. IT administrators and users are grappling with a huge productivity issue, where more than nine-tenths of inbound emails are junk.

"It takes an average of 34 seconds to deal with each unwanted email that makes its way into a network," added Budman. "Spam solutions need constant updating if they are to withstand the barrage of unproductive or dangerous email that's being generated by the malware economy."

SonicWall Inc. (Nasdaq: SNWL)

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9498
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
CVE-2020-3282
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
CVE-2020-5909
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
CVE-2020-5910
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVE-2020-5911
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.