I used to be so diligent.

Phonebusters would release their statistics for the previous month in identity theft and I would be right on it, frantically typing away in an effort to share the latest news with all of our readers. However, the last two months have seen a dramatic shift in my posting habits. Last month, I didn't write anything until the 20th and this month, I'm making my post on the 18th.

Websense released their State of Internet Security Report for the first half of 2009. While this report's conclusions are nothing new (malicious software, cybercrime, and spam are all growing more common), it does contain some particularly interesting statistics that I would like to share.

Here are some of the report's highlights:

• The number of malicious sites has grown by 671% over the last year.
• 77% of web sites with malicious content are actually legitimate sites that have been compromised by cyber criminals.
• 95% of comments on chat rooms, blogs and forums are either spam or malicious code.
• 57% of data stealing attacks are conducted over the web.

To celebrate its 20th anniversary, Pandalabs released an interesting list of the top cyber security threats it has investigated over the course of its history. Pandalabs 20th anniversary site is quite entertaining and I encourage each of you to go through and learn more about each of these security threats.

There are some familiar names in this list and some that you may not have heard of, so, to make it easier to learn more, I linked every one of these threats to a page that seems to do a good job of explaining it. Here is the list:

Since this blog went live, we have published a few different stories on scareware. Dan McCann started things off and threw down the gauntlet with a great article about scareware. Then, I published some results of research that PandaLabs performed - this research demonstrated that scareware was growing at an incredibly fast pace.

And today came news that the New York Times, that venerable, highly respected publication was hosting a piece of scareware. While details are still scant, according to an article written by Riva Richmond, many viewers to the New York Times' web site were confronted with ads for scareware.

Our President just told me about this and I was so excited that I thought I should blog about it. Please feel free to pass this article around to all your friends and family.

Costco.ca has SmartSwipe available on their web site for $30 off! And, futureshop.ca has SmartSwipe available for $20 off.

People who spread malicious software via the web are smart. They are adept at watching the news, predicting search trends, and gaming search engines so that their malware infested pages can rank high for 'soon-to-be-popular' search terms. To do this, they use a variety of legitimate tools (such as Google's amazing Insights for Search tool) and a variety of 'black-hat' search tactics (such as paid links, building a group of interlinked pages, and injecting links on fraternity guest books).

Begrudging respect aside, V3.co.uk reported that cyber-criminals have begun targeting search terms related to the recent outbreak of wildfires in California. Think about this for a moment - people are interested in learning more about this major news story. They want to learn how to protect their homes, and they want to learn about how their friends and families are weathering this latest disaster. Isn't it sad that criminals choose to target these kinds of people?

Symantec came out with another very interesting piece of research last week. They published their "Dirtiest Web Sites of Summer 2009". These sites are the worst of the worst security offenders. Common threats include phishing attempts, malicious downloads, browser exploits and links to other unsafe sites.

On average, sites in this list contain an astounding 18,000 threats per site. Forty of the sites on this list have over 20,000 threats. And one particular offender has 23,414 serious security threats. And, finally, the Symantec list contains some information that will refute the notion that extremely dangerous sites are taken down quickly. It turns out that 3/4 of the sites on the list have been hosting threats for more than six months...

Last week, Cyveillance, a company which works in cyber intelligence, released another one of those truly chilling reports that cross my desk and compel me to write something in this blog. The "1H 2009 Cyber Intelligent Report" covered a number of interesting areas, but, perhaps the most interesting looked at how well security vendors are keeping up with the flood of malicious software that has been released.

If you follow this blog, you will know that I frequently write about how quickly malicious software has been growing. That alone is scary, but what will happen if security vendors cannot keep up? The Cyveillance report seems to suggest that security vendors are having trouble keeping up - if their numbers are to be believed, there could be dire times ahead.