Key highlights of this report include:
(Webtorials membership required. Click here to register or if you forgot your username/password.)
- 79% of clicks on "Here You Have" email occurred within the first three hours of the worm's spread.
- Approximately 10% of Web malware was encountered via search engine traffic and/or services.
- During 3Q10, 7% of all Web malware encounters resulted from Google referrers, followed by Yahoo at 2%, Bing/MSN at 1% and Sina at 0.1%.
- Exploits targeted Sun Java increased from 5% of all Web malware encounters in July 2010 to 7% in September 2010.
- Exploits targeting Adobe Reader and Acrobat declined over the quarter, from 3% of all Web malware blocks in July 2010 to 1% in September 2010.
- 38% of those impacted with Stuxnet were located in the UK, 25% in Hong Kong, and 13% each in Brunei, the Netherlands, and Australia.
- At 5%, the Windows Print Spooler vulnerability exploited by Stuxnet was the 5th most prevalent event handled by Cisco Remote Operations Services (ROS) in 3Q10.
- The Rustock Botnet was the highest occurring ROS event in 3Q10, at 21% of events handled during the report period.
- Peak Rustock activity occurred in late August 2010, declining in September 2010.
- Among the top ten spam sending countries, volume of spam sent also dropped in September 2010 for 8 of the top ten countries. However, spam sent from Russia and the Ukraine increased in September 2010.
- Volume of "Here You Have" email reached a peak of 10% of all spam during the worm's initial outbreak.
- Volume of spoofed LinkedIn email delivering the Zeus Trojan
(Webtorials membership required. Click here to register or if you forgot your username/password.)
The title says it all.
This is a great report that covers a breadth of topics from web-based malware encounter rates to SQL interjection attacks to faked LinkedIn email, to mention a few.
A "Must Read."