On a fairly regular basis, I come across pages like this one from SANS, which contain fascinating information taken from exploit kit control panels:
There’s all sorts of interesting numbers in that picture. For example, the success rate for owning XP machines (19.61%) is three times that of Windows 7. (As an aside, the XP number is perhaps lower than “common wisdom” in the security community would have it.) There are also numbers for the success rates of exploits, ranging from Java OBE at 35% down to MDAC at 1.85%.
I’m fascinated by these numbers, and have two questions:
- Is anyone capturing the statistics shown and running statistics over time?
- Is there an aggregation of all these captures? If not, what are the best search terms to find them?