Threatscape Report – May 2009 Edition

The following statistics are compiled from Fortinet’s FortiGate network security appliances and intelligence systems for the period April 21st – May 20th, 2009.

Table of Contents: Exploits and Intrusion Prevention Top 10 Exploitations & Regions New Vulnerability Coverage Malware Today Top 10 Variants Regions & Volume Spam and Email Threats Spam Rate & Regions Top 3 In The Wild Crawling the Web Web Traffic & Growth Activity Recap

FortiGuard Global Threat Research

Exploits and Intrusion Prevention

Top 10 Exploitations & Regions

Top 10 exploitation attempts detected for this period, ranked by vulnerability traffic. Percentage indicates the portion of activity the vulnerability accounted for out of all attacks reported in this edition. Severity indicates the general risk factor involved with the exploitation of the vulnerability, rated from low to critical. Critical issues are outlined in bold:

Figure 1a: Top 5 regions by detected exploit attempts

New Vulnerability Coverage

There were a total of 140 vulnerabilities added to FortiGuard IPS coverage this period. Of these added vulnerabilities, 65 were reported to be actively exploited (46.4%). Figure 1b breaks down added vulnerabilities by severity, coverage and active exploitation in the wild. For more information, observe the detailed reports for this period at: Intrusion Prevention – Service Update History

Figure 1b: New vulnerability coverage for this edition, categorized by severity

Malware Today

Top 10 Variants

Top 10 malware activity by individual variant. Percentage indicates the portion of activity the malware variant accounted for out of all malware threats reported in this edition. Top 100 shifts indicate positional changes compared to last edition’s Top 100 ranking, with “new” highlighting the malware’s debut in the Top 100. Figure 2 below shows the detected volume for the malware variants listed within the Top 5: