October 18, 2011 - On October 14, 2011, a research lab with strong international connections alerted us to a sample that appeared to be very similar to Stuxnet. They named the threat "Duqu" because it creates files with the file name prefix (continue reading...) Read more
October 12, 2011 - Contributors: Shunichi Imano October 2011 marks the eighth annual “National Cyber Security Awareness Month” to be held in the United States. One highly visible concern that makes this year different from previous years is the triple-digit growth rates that are being (continue reading...) Read more
October 11, 2011 - Hello and welcome to this month’s blog on the Microsoft patch release. This is an average month — the vendor is releasing 8 bulletins covering a total of 23 vulnerabilities. Nine of the issues are rated ‘Critical’ and they affect Internet (continue reading...) Read more
October 9, 2011 - On October 9th a German hacker group going by the name of the Chaos Computer Club (CCC) published an analysis of what they claim to be government spying software. The analysis is a 20 page PDF file describing how (continue reading...) Read more
October 7, 2011 - Analysis by Poul Jenson and Masaki Suenega Spotted by Karthik Selvaraj Here at Symantec Security Response we have discovered Python.Pytroj, a proof-of-concept virus that infects .pyc files with arbitrary code. In case you are unfamiliar with Python here is a brief (continue reading...) Read more
October 5, 2011 - Technical analysis: Poul Jensen, Illustrations: Ben Nahorney Meet Downloader.Chepvil, a malware that has been creating quite a lot of noise recently, hitting inboxes far and wide. This threat begins life as an innocent-looking email and quickly transforms itself into a (continue reading...) Read more
September 27, 2011 - Some of the newest printers have scan-to-email ability, a feature that allows users to email scanned documents to a specified email address on demand. Symantec Intelligence has identified malware authors using social engineering tactics that take advantage of this, sending (continue reading...) Read more
September 27, 2011 - Some of the newest printers have scan-to-email ability, a feature that allows users to email scanned documents to a specified email address on demand. Symantec Intelligence has identified malware authors using social engineering tactics that take advantage of this, sending (continue reading...) Read more
September 19, 2011 - W32.Morto first made headlines in August because of its capability to spread by Windows Remote Desktop Protocol (RDP). The worm was unique because it was the first of its kind to use the protocol. However, this wasn't the only (continue reading...) Read more
September 19, 2011 - The word ‘Nimda’ may not be the most well remembered in the cyber-crime hall of fame but as malicious worm outbreaks go, Nimda certainly contributed to the malware landscape and was able to cause havoc on 18 September, 10 years (continue reading...) Read more
September 13, 2011 - (Note: This blog was written on September 2. We decided to postpone publishing it due to an ongoing joint effort to shut down servers and block domain names. The variant studied is not the latest but accurately reflects the functionalities (continue reading...) Read more
September 13, 2011 - Thanks to Takayoshi Nakayama for his research and contributions to this blog. Targeted attacks have been a pretty popular topic of discussion in the security industry in recent years. Many may recall the incident involving Hydraq—from January 2010—and Shady (continue reading...) Read more
September 13, 2011 - Hello and welcome to this month’s blog regarding the Microsoft patch release. This is a smaller month in terms of patches—the vendor has released five bulletins covering a total of 15 vulnerabilities. This month, all of the issues are rated “Important” (continue reading...) Read more
September 9, 2011 - Thanks to Vivek Krishnamurthi for contributing to this blog. Every sensitive event is an opportunity to exploit. With this motive in the background, it is not surprising to see spammers exploit 9/11. With the 10th anniversary of the tragedy just a (continue reading...) Read more
September 7, 2011 - Ten years later, it is tempting to say that the September 11th terrorist attacks against the U.S. changed everything. It is indisputable that it changed many things, and without a doubt it changed how we think about security, how we (continue reading...) Read more
September 1, 2011 - Picture this news story: “42 suspects in three countries were arrested today in connection with the attempted theft of intellectual property from XYZ Corp. XYZ Corp. worked with law enforcement in each country in order to identify and apprehend the (continue reading...) Read more
August 31, 2011 - There has been a lot of coverage of the recent RDP capable W32.Morto worm, but one of the more interesting aspects of the worm’s behavior appears to have been overlooked. Most malware that we have seen recently has some (continue reading...) Read more
August 26, 2011 - W32.Xpaj.B is one of the most complex and sophisticated file infectors Symantec has encountered. In an older blog post, Piotr Krysiuk calls it an “upper crust file infector.” He describes several different approaches that the infector uses to (continue reading...) Read more
August 19, 2011 - In 2004, Massachusetts Senator Edward “Ted” Kennedy was refused an airline boarding pass by the Transportation Security Administration (TSA) on five different occasions. Despite being from one of the most famous families in American politics, not to mention being a U.S. (continue reading...) Read more
August 18, 2011 - An increasing number of photo sharing and social networking sites have facial recognition software to help users identify and “tag” people in photos. I don’t have much use for this type of feature; for me looking at old photos is (continue reading...) Read more