HoneyGrid Reveals 95% of User Generated Content is Spam or Malicious
Websense Security Labs has published its bi-annual State of Internet Security report and, as usual, it makes for pretty interesting if somewhat scary reading.
Covering the last six months of 2009, the report is based upon the findings of the ThreatSeeker Network which is used to discover, classify and monitor global Internet threats and trends courtesy of something called the Internet HoneyGrid.
Makes you wonder if someone searching for you actually finds you, or just the 'noise.'
So what did the HoneyGrid have to report about the Internet security threatscape for Q3/Q4 2009?
Here are the key findings:
Covering the last six months of 2009, the report is based upon the findings of the ThreatSeeker Network which is used to discover, classify and monitor global Internet threats and trends courtesy of something called the Internet HoneyGrid.
Makes you wonder if someone searching for you actually finds you, or just the 'noise.'
So what did the HoneyGrid have to report about the Internet security threatscape for Q3/Q4 2009?
Here are the key findings:
- 13.7% of searches for trending news/buzz words (as defined by Yahoo Buzz & Google Trends) led to malware.
- The second half of 2009 revealed a 3.3% decline in the growth of malicious Web sites compared to the first half of the year. Websense Security Labs believes this is due to the increased focus on Web 2.0 properties with higher traffic and multiple pages.
- However, comparing the second half of 2009 with the same period in 2008, Websense Security labs saw an average of 225% growth in malicious Web sites.
- 71% of Web sites with malicious code are legitimate sites that have been compromised.
- 95% of user-generated posts on Web sites are spam or malicious.
- Consistent with previous years, 51% of malware still connects to host Web sites registered in the United States.
- China remains second most popular malware hosting country with 17%, but during the last six months Spain jumped into the third place with 15.7% despite never having been in the top 5 countries before.
- 81% of emails during the second half of the year contained a malicious link.
- Websense Security Labs identified that 85.8% of all emails were spam.
- Statistics for the second half of 2009 show spam emails broke down as 72% (HTML), 11.2% (image), 14.4% (plain text with URL) and 2.4% (plain text with no URL).
- 35% of malicious Web-based attacks included data-stealing code.
- 58% of all data-stealing attacks are conducted over the Web.
De-Anonymizing Social Network Users
The H has an article about some researchers who found a new way to de-anonymize people. Compared to the EFF's Panopticlick, the goal of this experiment is not to identify a user's browser uniquely, but to identify individual users.
The test essentially exploits the fact that many social network users are identifiable by their membership of various groups. According to the researchers, it's very unlikelly that two people on any social network will belong to exactly the same groups. A 'group fingerprint' can thus allow websites to identify previously anonymous visitors. They describe the setup and all details and the results look very interesting.
They also have a live demo for the social network Xing that was able to de-anonymize me.
The test essentially exploits the fact that many social network users are identifiable by their membership of various groups. According to the researchers, it's very unlikelly that two people on any social network will belong to exactly the same groups. A 'group fingerprint' can thus allow websites to identify previously anonymous visitors. They describe the setup and all details and the results look very interesting.
They also have a live demo for the social network Xing that was able to de-anonymize me.
Subscribe to:
Posts (Atom)
