Two security issues have been identified in McAfee's SaaS Total Protection anti-malware software suite, one of which could allow an attacker to misuse an ActiveX control to execute code and turn affected PCs into spam servers. The other vulnerability involves a misuse of McAfee's "rumor" technology to allow an attacker to use an affected machine as an "open relay," which could also be used to send spam. Fixes for both are coming.

Security firm Symantec this week announced the results of its November 2011 Intelligence Report, a monthly analysis on the state of security and trending cyber threats. The roller coaster report notes that the number of targeted attacks quadrupled since January (boo!), but the global spam rate in November is not only the lowest all year, but for the past three years as well (yay!).

Symantec noticed an uptick in social engineering attacks in September, a trend the security outfit attributes to a rise in polymorphic malware in email, the company said in its recently released "Symantec Intelligence Report: September 2011." Spam levels dipped slightly in September to 74.8 percent of all email, a decrease of 1.1 percent from August, but a "deluge of malicious email-borne malware" more than made up for the drop in spam.

Sanford Wallace, the man who calls himself the Spam King, surrendered himself to the FBI on Thursday during a trip to Las Vegas. Now he'll face the throne of justice for being (allegedly, of course) a general pain in the backside of email users everywhere, and in particular to Facebook, in which he already owes $711 million in civil damages from a suit dating back to 2009.