
1/12/2011
02:58 PM
Dark Reading

Commtouch Report: Spam's Back And So Are Old Types Of Threats

During Q4, vintage spam methods were combined with new ones, according to Commtouch's Internet Threats Trend Report

Sunnyvale, Calif. – January 12, 2011 – Spam levels started bouncing back this week after a significant decrease in the fourth quarter, Commtouch (Nasdaq: CTCH) reported today in its quarterly Internet Threats Trend Report, which covers spam, phishing, malware and Web threats.

December’s daily average for spam was around 30% less than in September; however, spam activity increased by 45% just prior to the report’s publication. The average amount of spam for the fourth quarter of 2010 was 83% of all email sent worldwide, down from 88% in the third quarter. The number of zombies active in the fourth quarter was on average 15% less than in the previous quarter.

“An inactive botnet is like an idle factory, a money-losing proposition for spammers,” said Asaf Greiner, Commtouch vice president of products. “We have seen situations where after a lull in spam or malware distribution a new tactic was introduced. Threat experts are wise to continue following changes in network behavior in order to proactively block new threats.”

Highlights from the Q4 Trend Report include:

* Spam levels averaged 142 billion spam/phishing messages per day during Q4 compared to the 198 billion spam/phishing messages per day during Q3.

* Approximately 288,000 zombies were activated daily, a significant decrease as compared to 339,000 during Q3.

* The most popular spam topic in Q4 was pharmacy ads (42% of all spam).

* For the fifth quarter running, pornography/sexually explicit material is the website category most likely to include malware.

* India keeps its title for the third quarter in a row as the country with the most zombies – 17% of all zombies worldwide.

* Streaming media/downloads continues to be the most popular topic for blog creators in the Web 2.0 sphere of user-generated content.

During Q4, vintage spam methods were combined with new ones to further increase the potential for successful spam purchases, phishing, and malware installations. Small and hidden fonts were combined with Twitter subject lines and links exploiting Google’s cache service. This quarter also saw the return of ASCII art spam. As for more “modern” threats, Koobface malware links continued to circulate on Facebook, while box.net, offering content sharing and synchronization services, was used to host spam links.

Commtouch’s quarterly trend report reflects the results of its analysis of billions of Internet transactions daily within the company’s cloud-based GlobalView Network. With the acquisition of the Command Antivirus division of Authentium, Commtouch has added the malware analysis capabilities of the Command AV labs.

Commtouch Recurrent Pattern Detection™, GlobalView technologies and multi-layered Command Antivirus identify and block Internet security threats. More details, including samples and statistics, are available in the Commtouch Q4 2010 Internet Threats Trend Report, available at: http://www.commtouch.com/download/1934.

NOTE: Reported global spam levels are based on Internet email traffic as measured from unfiltered data streams, not including internal corporate traffic. Therefore global spam levels will differ from the quantities reaching end user inboxes, due to several possible layers of filtering.

About Commtouch

Commtouch (NASDAQ: CTCH) provides proven Internet security technology to more than 150 security companies and service providers for integration into their solutions. Commtouch’s GlobalView™ and patented Recurrent Pattern Detection™ (RPD™) technologies are founded on a unique cloud-based approach, and work together in a comprehensive feedback loop to protect effectively in all languages and formats. Commtouch’s Command Antivirus utilizes a multi-layered approach to provide award-winning malware detection and industry-leading performance. Commtouch technology automatically analyzes billions of Internet transactions in real-time in its global data centers to identify new threats as they are initiated, enabling our partners and customers to protect end-users from spam and malware, and enabling safe, compliant browsing. The company’s expertise in building efficient, massive-scale security services has resulted in mitigating Internet threats for thousands of organizations and hundreds of millions of users in 190 countries. Commtouch was founded in 1991, is headquartered in Netanya, Israel, and has a subsidiary with offices in Sunnyvale, California and Palm Beach Gardens, Florida.
