Barracuda Networks issued a press release this morning discussing two presentations that will occur in Las Vegas this week and the release of their 2010 Mid-year Security Report.

The first presentation, titled "The Dark Side of Twitter", will be given at Security BSides Las Vegas this afternoon at 3:00 PST. This presentation will explore the data that Barracuda has collected that shows that Twitter use continues to rise. Along with that rise is an increase in the amount of malware that advertises itself via Twitter.

The second presentation, titled "Searching for Malware", will be given at Defcon 18 at 11:00 a.m. PST, Saturday, July 31st. It explores two months worth of search data collected by Barracuda Networks looking for trends in malware distribution and the search engines that return the most results which point to malware distribution sites.

Finally, the Barracuda Labs 2010 Mid-year Security report will be available soon. You will be able to find it here

More information can be found on the Barracuda Labs website and on the Barracuda Blog.

Full Press Release:

Google Crowned “King of Malware” – Has Two Times More Malware than Bing, Yahoo! and Twitter Combined

Barracuda Labs Issues 2010 Midyear Security Report, Presents Findings at DefCON 18 and Security BSides Las Vegas
Campbell, Calif. (July 28, 2010) –– Barracuda Networks Inc., a leading provider of content security, data protection and application delivery solutions, today released its Barracuda Labs 2010 Midyear Security Report, revealing data from two key areas: search engine malware  and Twitter use and crime rate. The company is presenting this data at Security BSides Las Vegas and DefCON 18 this week in Las Vegas. The full report is available at the company’s security research portal at

Searching for Malware
Barracuda Labs conducted a study across Bing, Google, Twitter and Yahoo!, over a roughly two-month period. The analysis reviews more than 25,000 trending topics and nearly 5.5 million search results. The purpose of the study was to analyze trending topics on popular search engines to understand the scope of the problem and to identify the types of topics used by malware distributors. The results will be presented at DefCON 18 on Saturday, July 31, at 11:00 a.m. PT, at the Riviera Hotel & Casino.

Key highlights from the search engine study include:

  • Overall, Google takes the crown for malware distribution – turning up more than twice the amount of malware as Bing, Twitter and Yahoo! combined when searches on popular trending topics were performed. Google presents at 69 percent; Yahoo! at 18 percent; Bing at 12 percent; and Twitter at one percent.
  • The average amount of time for a trending topic to appear on one of the major search engines after appearing on Twitter varies tremendously: 1.2 days for Google, 4.3 days for Bing, and 4.8 days for Yahoo!
  • Over half of the malware found was between the hours of 4:00 a.m. and 10:00 a.m. GMT.
  • The top 10 terms used by malware distributors include the name of a NFL player, three actresses, a Playboy Playmate and a college student who faked his way into Harvard.

The Darkside of Twitter
Barracuda Labs analyzed more than 25 million Twitter accounts, both legitimate and malicious. The purpose of this part of the study was to measure and analyze account behavior on Twitter in order to model normal user behavior and identify features that are strong indicators of illegitimate account use. The study reviews several key areas including True Twitter Users1, Twitter Crime Rate2, and Tweet Number3. The results will be presented at Security Bsides Las Vegas on Wednesday, July 28, at 3:00 p.m. PT, at the 2810 Resort.

Key highlights from the Twitter research include:

  • In general, activity is increasing on Twitter: more users are coming online; True Twitter Users are tweeting more often, and even casual users are becoming more active. As users become more active, the malicious activity also increases.
  • Only 28.87 percent of Twitter users are actual True Twitter Users.
  • Half of Twitter users tweet less than once a day, yet one in 10 users tweet five or more times a day and 30 percent of Twitter accounts have never tweeted.
  • One in every eight Twitter users has at least 10 times more followers than they are following.
  • Only one in 10 users is following more than 100 users, and almost half are following less than five.
  • The Twitter Crime Rate for the first half of 2010 was 1.67 percent.

To review the complete Barracuda Labs 2010 Midyear Security Report and the company’s security portal, please visit

About Barracuda Networks Inc.
Barracuda Networks Inc. combines premises-based gateways and software, virtual appliances, cloud services, and sophisticated remote support to deliver comprehensive content security, data protection and application delivery solutions.  The company’s expansive product portfolio includes offerings for protection against email, Web and IM threats as well as products that improve application delivery and network access, message archiving, backup and data protection. Coca-Cola, FedEx, Harvard University, IBM, L'Oreal, and Europcar are among the more than 100,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to-deploy and manage solutions.  Barracuda Networks is privately held with its International headquarters in Campbell, Calif.  For more information, please visit

#  #  #
Download the Barracuda Labs 2010 Midyear Security Report at
View the Barracuda Labs security research portal at
Follow Barracuda Labs on Twitter at @barracudalabs.

1 – ‘True Twitter User’ is defined as a user that has at least (≥) 10 followers, follows at least (≥) 10 people, and has tweeted at least (≥) 10 times.
2 – ‘Twitter Crime Rate’ is defined as the percentage of accounts created per month that were eventually suspended for malicious or suspicious activity, or otherwise misused.
3 – ‘Tweet Number’ is defined as a user’s average number of tweets per day.
#  #  #


RSA Europe 2010 has opened press registration. The registration page can be reached here.



One of my friends has decided, in her words, to, "..enter the fray w/my very own blog." It is called TopHeavySecurity. Her first post is up and is an excellent start.

She is a practicing QSA with some great insights and a nice writing style.

Go show her some love.



For those who are in the Des Moines, IA general area, the second official meeting of the casual information security professional's get together, DSMSec, is happening on June 14th, i.e. this coming Monday. Come on down and enjoy some good conversation and some yummy nibbles.

Note: Nibbles and drinks are on you, conversation is free. 🙂

Details here:

We also have a Google Group here:



Chris Hoff took his three young girls to Source Boston with him last week.

First, VERY COOL and it sounds like they had a good time.

Second, it started some thoughts in his head, some conversations with others and the creation of something that will be most excellent.

HacKid Conferences

From the website:

The idea really revolves around providing an interactive, hands-on experience for kids and their parents which includes things like:

  • Low-impact martial arts/self-defense training
  • Online safety (kids and parents!)
  • How to deal with CyberBullies
  • Gaming competitions
  • Introduction to Programming
  • Basic to advanced network/application security
  • Hacking hardware and software for fun
  • Build a netbook
  • Make a podcast/vodcast
  • Lockpicking
  • Interactive robot building (Lego Mindstorms?)
  • Organic snacks and lunches
  • Website design/introduction to blogging
  • Meet law enforcement
  • Meet *real* security researchers 😉

I think this is an awesome effort.

If you have ideas or are interested in helping out, you can contact the group via @HacKidCon on twitter or via email at


{ 1 comment }

Commenting vs Being Nasty

by kriggins on March 29, 2010

in Announcement, General

I am a big fan of comments on this blog. I really enjoy interacting with those who visit.

I am not a big fan of people who feel it is necessary to leave extremely nasty and vile remarks. Luckily, that hasn't been too much of a problem until today.

Today, somebody left a comment on the FBI Citizens' Academy post that was not aimed at having conversation about the topic.  The author's only intent was to call me names and say how bad the FBI is.

If the author was interested is discussing why he thought I should temper my enthusiasm, I would have left it there and responded. I actually started out editing the comment to remove the insults and innuendos I don't want my nieces and nephews to see 🙂 and then typed a reply.

Then I stopped.

The author didn't leave a legitimate email address and used an anonymous proxy to hide his IP address. If he didn't want to be contacted about his views, I sure wasn't going to waste my time addressing them.

Anyway, in light of this experience, I thought it time to make it clear what my policy is regarding comments on this blog. So here it is and it's really simple.

Comments Allowed

  • Comments that espouse my unfathomable wisdom 😉
  • Comments that add to the discussion.
  • Comments that disagree with me - Please. Go for it. I am happy to have a spirited debate.

Comments Disallowed

  • Anything I deem to be in poor taste or offensive. Yup. Anything, and I pick.

That's it in a nutshell. Please feel free to weigh in, just keep it civil 🙂



Well, I intended to do a nice post about the 2nd birthday of the blog with nifty stats and other fascinating tidbits, but, with the week we've had, it completely slipped my mind.

Two years ago on March 22nd, the first Infosec Ramblings post went live. At that time, it was on

Since then, there have been 490 posts, 799 comments, 1998 interesting bits linked to, and we are sneaking up on 1000 subscribers to the RSS feed.

Thank you to all of you out there who take the time to pay attention to my drivel and be assured that it will continue. 🙂



I am really excited about a new opportunity that I can finally talk about.

No, I am not joining the FBI....yet 🙂 I have, however, been accepted to the FBI Citizens' Academy.

From the FBI Citizens' Academy site:

Want to find out first hand how the FBI works? Hear how the Bureau tracks down spies and terrorists? Learn how to collect and preserve evidence? See what it is like to fire a weapon and put yourself in the shoes of a Special Agent making a split-second, life-or-death decision?

I think this is going to be a lot of fun and give me a much greater understanding and appreciation of what the FBI does.

Here is a link to a Q&A with some folks that have attended.

I will be blogging about the experience as much as I am allowed.


Reblog this post [with Zemanta]


The Catalyst Career Compass Program

by kriggins on February 16, 2010

in Announcement, Career

If you are employed, you have a job, but do you have a career? Do you want one? What do you want it to look like?

If you have a career, is it going where you want it to? Need some help from a supportive and objective partner who will lead you through a critical assessment of where you are and where you want to go?

Michael Santarcangelo is starting a new service called the Catalyst Career Compass program over at the Security Catalyst. From the description:

Career Compass Overview

Whether you are currently a Security Professional or want to become one, this highly flexible program will help you set and meet your professional ambitions while serving lifestyle goals.

Set your Career Compass:

  • To prepare for a raise
  • To receive a promotion
  • For career development
  • If you are ready to move into the security field
  • To find a new position (within your current company or outside it)

Michael is truly dedicated to helping others. He is looking to iron the wrinkles out of the program with a first batch of guinea pigs...I mean...beta testers 🙂

Check out the post and let Michael or me know if you are interested in participating. I truly believe that you find great benefit from working with Michael and also a new good friend in the process.



Sorry for the Blog Downtime

by kriggins on February 11, 2010

in Announcement, Uncategorized

I apologize for the downtime today. It was entirely my fault.

Things should be okay now.