Parisian Love - Google

Just a lighthearted video..



HoneyGrid Reveals 95% of User Generated Content is Spam or Malicious

Websense Security Labs has published its bi-annual State of Internet Security report and, as usual, it makes for pretty interesting if somewhat scary reading.

Covering the last six months of 2009, the report is based upon the findings of the ThreatSeeker Network which is used to discover, classify and monitor global Internet threats and trends courtesy of something called the Internet HoneyGrid.

Makes you wonder if someone searching for you actually finds you, or just the 'noise.'

So what did the HoneyGrid have to report about the Internet security threatscape for Q3/Q4 2009?

Here are the key findings:
  • 13.7% of searches for trending news/buzz words (as defined by Yahoo Buzz & Google Trends) led to malware.
  • The second half of 2009 revealed a 3.3% decline in the growth of malicious Web sites compared to the first half of the year. Websense Security Labs believes this is due to the increased focus on Web 2.0 properties with higher traffic and multiple pages.
  • However, comparing the second half of 2009 with the same period in 2008, Websense Security labs saw an average of 225% growth in malicious Web sites.
  • 71% of Web sites with malicious code are legitimate sites that have been compromised.
  • 95% of user-generated posts on Web sites are spam or malicious.
  • Consistent with previous years, 51% of malware still connects to host Web sites registered in the United States.
  • China remains second most popular malware hosting country with 17%, but during the last six months Spain jumped into the third place with 15.7% despite never having been in the top 5 countries before.
  • 81% of emails during the second half of the year contained a malicious link.
  • Websense Security Labs identified that 85.8% of all emails were spam.
  • Statistics for the second half of 2009 show spam emails broke down as 72% (HTML), 11.2% (image), 14.4% (plain text with URL) and 2.4% (plain text with no URL).
  • 35% of malicious Web-based attacks included data-stealing code.
  • 58% of all data-stealing attacks are conducted over the Web.
This comprises of honeyclients and honeypots, reputation systems and advanced grid computing systems, all of which combine to parse through one billion pieces of content every day while searching for security threats. Every single hour the Internet HoneyGrid scans some 40 million websites for malicious code as well as 10 million emails for unwanted content and malicious code.

De-Anonymizing Social Network Users

The H has an article about some researchers who found a new way to de-anonymize people. Compared to the EFF's Panopticlick, the goal of this experiment is not to identify a user's browser uniquely, but to identify individual users.

The test essentially exploits the fact that many social network users are identifiable by their membership of various groups. According to the researchers, it's very unlikelly that two people on any social network will belong to exactly the same groups. A 'group fingerprint' can thus allow websites to identify previously anonymous visitors. They describe the setup and all details and the results look very interesting.

They also have a live demo for the social network Xing that was able to de-anonymize me.

 
Google is a registered trademark of Google, Inc. This website is not associated, affiliated or endorsed by Google, Inc.