M86 Security Labs Blog
We revisit and analyze the world's worst spamming botnet - Rustock.
Adobe releases PDF patch for Reader and Acrobat
June 30, 2010The latest security update addresses 17 vulnerabilities in Adobe's Acrobat and Reader products.
GootKit - Automated Website Infection
June 30, 2010The GootKit bot uses stolen FTP credentials to insert malicious IFrame code into web pages.
Another round of Asprox SQL injection attacks
June 23, 2010The Asprox bot is behind some of the latest SQL injection attacks.
Amazon, Flixster, GoDaddy names targeted by spammers
June 21, 2010Yet more pharmaceutical spam campaigns mimicking legitimate online stores and brands.
Skype 'Extras Manager' Vulnerability Found In The Wild
June 16, 2010Vendors who disclose vulnerability information should be aware that their users aren't the only ones monitoring them.
Pushdo uses World Cup Theme to Spread Malware
June 14, 2010Pushdo is sending spam with HTML attachments which take users to a malicious website and a Canadian Pharmacy website. Subject lines refer to the FIFA World Cup and Twitter.
OVERVIEW - Week ending July 25, 2010
Spam as a Percentage of Email
This gauge represents spam as a percentage of total incoming email. The figure is derived from incoming email and other sources monitored by M86 Security Labs. Reports on the percentage of spam in email can vary wildly - anywhere from 30% to 90%. In fact the volume of spam fluctuates substantially from day to day and week to week. Also, different organizations and countries experience different volumes of spam. We typically see fluctuations between 75% to 95%.
Threat Statistics
Spam Volume Index (SVI)
The SVI is a measure of the volume of spam sent to a representative sample of the honeypot domains that we monitor. Spam volume has recovered strongly since the major spam botnets were disabled following the take down of the McColo network last November.
Threat Resources
- Security Report:
Security Labs Recap Report 1H2010 - Security Report:
Man-in-the-Middle Malware: Between You and Your Money - Security Report:
Web Exploits: There's an App for That - White Paper:
Defense-in-Depth Anti-Spam Engine - White Paper:
Rise and Fall of Image Spam
(updated March 2008) - White Paper:
SpamCensor Explained - User Discussion:
M86 Security Forums
About Security Labs
M86 Security Labs (Threat Research and Content Engineering labs) is a group of M86 Security analysts who constantly monitor and respond to Internet security threats. Security Labs provides a service to M86 Security customers as part of standard product maintenance. The service includes updates to M86 Security's unique, proprietary anti-spam technology, SpamCensor. Security Labs analyzes spam, phishing and Internet security trends and provides frequent automated updates to M86 Security customers. Security Labs also provides "Zero Day" security protection to secure M86 Security customers against new email and virus exploits the day they emerge.
The Security Labs web pages are a sample of the data-gathering and technical analysis methods that M86 employs. We will be adding additional statistics and new threat monitors over time so please check back regularly for news, information and new content. Feel free to email the Security Labs Team with any questions you may have: ΤRΑCΕ@m86security.com.