February 3, 2012 - Following recent reports that malicious apps may have made their way into the official Android Market, Google has responded by announcing a new program to more proactively scan the Market and developer accounts for seemingly malicious apps and (continue reading...) Read more
January 18, 2012 - Rootkit stories show up in the mainstream media on a regular basis these days. While these stories raise public awareness about what the bad guys are doing, they usually leave readers wondering what they can do to protect themselves from (continue reading...) Read more
November 6, 2011 - In late September 2011, it was reported that a previously unknown and un-patched vulnerability in Hancom Office (a word processing software predominantly used in Korea) was exploited in the wild. We often hear of new exploits targeting software used (continue reading...) Read more
November 1, 2011 - The group that initially discovered the original Duqu binaries, CrySyS, has since located an installer for the Duqu threat. Thus far, no-one had been able to recover the installer for the threat and therefore no-one had any idea (continue reading...) Read more
October 26, 2011 - In recent days, we have seen blogs about a specific type of Mass Injection campaign. We take this opportunity to publish our findings in this blog. This particular campaign has already picked up pace and it is infecting a lot of (continue reading...) Read more
October 21, 2011 - I wrote Symantec's original blog post describing the discovery of Duqu. In that blog I use the term "industrial control system manufacturers" and (after discussions with a variety of parties) we want to change that term to "industrial industry (continue reading...) Read more
October 21, 2011 - As mentioned in our previous blog, W32.Duqu was first brought to our attention by a research lab who had been investigating a targeted attack on another organization. This research was conducted by the Laboratory of Cryptography and System Security (continue reading...) Read more
October 18, 2011 - On October 14, 2011, a research lab with strong international connections alerted us to a sample that appeared to be very similar to Stuxnet. They named the threat "Duqu" because it creates files with the file name prefix (continue reading...) Read more
October 7, 2011 - Contributor: Anand Muralidharan. The sad news making the rounds these days is the death of Steve Jobs, Apple Co-founder and former CEO. His death has been a terrible loss to both Apple and Apple fans everywhere. Spammers are capitalizing on this incident (continue reading...) Read more
October 5, 2011 - Technical analysis: Poul Jensen; Illustrations: Ben Nahorney. Meet Downloader.Chepvil, a malware that has been creating quite a lot of noise recently, hitting inboxes far and wide. This threat begins life as an innocent-looking email and quickly transforms itself into a (continue reading...) Read more
September 13, 2011 - Thanks to Takayoshi Nakayama for his research and contributions to this blog. Targeted attacks have been a pretty popular topic of discussion in the security industry in recent years. Many may recall the incident involving Hydraq—from January 2010—and Shady (continue reading...) Read more
September 7, 2011 - Ten years later, it is tempting to say that the September 11th terrorist attacks against the U.S. changed everything. It is indisputable that it changed many things, and without a doubt it changed how we think about security, how we (continue reading...) Read more
August 26, 2011 - W32.Xpaj.B is one of the most complex and sophisticated file infectors Symantec has encountered. In an older blog post, Piotr Krysiuk calls it an “upper crust file infector.” He describes several different approaches that the infector uses to (continue reading...) Read more
July 28, 2011 - The application's digital signature cannot be verified. Do you want to run the application? By: Rodrigo Calvo, CISSP; Sebastian Brenner, CISSP. Infostealer.Bancos is a detection name used by Symantec to identify particular malicious software programs that gather confidential financial information from (continue reading...) Read more
July 25, 2011 - The five-time Grammy award winner Amy Winehouse was found dead in London on July 23rd. Symantec has already observed spammers who are trying to capitalize on related news headlines by sending out malicious threats less than a day after the (continue reading...) Read more
July 13, 2011 - W32.Gammima.AG, an infostealer best known for targeting massively multiplayer online role-playing games, is now also going after a game on Facebook. This is the first time we have encountered the malware going after an app on Facebook. This particular malware (continue reading...) Read more
July 11, 2011 - Once in a while, a piece of malware will come along that grabs headlines. Rarer is malware that is talked about around the water cooler (at places other than Symantec). But the rarest of all is malware that actually makes (continue reading...) Read more