January 17, 2010 - News of an exploit being used to target a zero-day vulnerability in Internet Explorer (BID 37815) was announced on Thursday, January 14th. According to Microsoft, the vulnerability affects Internet Explorer 6, 7, and 8, which together make up (continue reading...) Read more
January 8, 2010 - Last December we saw a couple of malicious JavaScript strings being pasted into Web sites on compromised servers. The beginning of the scripts look like one of the following: <script>/*GNU GPL*/ try{window.onload = function(){var ~ <script>/*CODE1*/ try{window.onload = function(){var ~ We’ve now confirmed (continue reading...) Read more
January 6, 2010 - When I worked at a small business the IT guy also took care of the phone system, assembled bookcases if needed, and occasionally worked the front desk when the receptionist was on break. In a small business everyone wears many (continue reading...) Read more
December 18, 2009 - Those looking to see the latest 3D blockbuster movie, The Avatar, on the cheap will have to take great care in what they search for. We have become aware of at least one site that has been rigged to redirect (continue reading...) Read more
December 17, 2009 - We have recently learned of yet another zero-day exploit in Adobe Acrobat. This time it's an overflow for a special type parameter in a function provided by the multimedia.api plugin that can be manipulated from JavaScript in the following (continue reading...) Read more
December 9, 2009 - A peak of new infections of Trojan.Mebroot has been found in the wild and after some investigation the data shows that there is a new wave of Mebroot Trojans being distributed through a popular exploit pack. The binary executables are (continue reading...) Read more
December 3, 2009 - The Mozilla Firefox browser is constantly gaining in popularity. A recent market share survey by Net Applications awards Firefox with 24% of users worldwide. One of the key philosophies of Firefox is that its functionality can easily be extended using (continue reading...) Read more
December 1, 2009 - Piggybacking (pun intended) on the swine flu pandemic is the Zeus bot crew, whose latest offering comes in the guise of an email purporting to come from the CDC (Center for Disease Control). The email contains a link to a (continue reading...) Read more
November 30, 2009 - The Koobface gang has been keeping themselves busy of late. Like Santa's little elves, they’re beavering away, creating and checking their fake Facebook and YouTube video sites and packin' it (the worm, that is) twice. The latest campaign involves posting (continue reading...) Read more
November 28, 2009 - The car accident involving Tiger Woods last night outside his home in Windemere, Florida has been generating a lot of heat as far as Web traffic and searches go. Since the news broke, the top web searches on Google has (continue reading...) Read more
November 27, 2009 - Security Response has discovered a threat that is being talked about among some members of certain discussion groups in Japan. The threat, named Infostealer.Kenzero, teaches yet another lesson to those using file-sharing networks not to download illegal games. Infostealer.Kenzero (continue reading...) Read more
November 25, 2009 - Okay, I did just coin the term “AV Friday” as a joke and it’s not to be taken too seriously. So, what is AV Friday all about? Many people living in the U.S. will be familiar with the term (continue reading...) Read more
November 23, 2009 - Once again Zeus is up to its old tricks with a new twist. The latest spam run informs users that their latest Social Security statement is available but it may contain errors. The subject of the mail will be something (continue reading...) Read more
November 20, 2009 - I had the honor recently of moderating a virtual roundtable discussion on the top Internet security trends from 2009 and what we expect to see in the security threat landscape in 2010. Funny thing about security predictions—you hope they won’t (continue reading...) Read more
November 19, 2009 - We are monitoring new malicious attacks that look similar to the fake "Microsoft Outlook reconfigure" spam campaign messages we have been observing for the last couple of months. That malicious campaign was followed by attacks on social networking sites, transforming (continue reading...) Read more
October 14, 2009 - This post is made on behalf of my colleague Manoj Venugopalan, Malware Analyst for Symantec Hosted Services. AutoIT, a free automation language for Windows platform-based development, is often used for scripting Windows-based applications and sometimes misused for creating malware. AutoIT scripts (continue reading...) Read more
October 6, 2009 - Further analysis of Rustock reveals some interesting insights regarding how it seems to have settled into a remarkably predictable pattern of spamming in the last few months - so regular that it may be possible to set your watch by (continue reading...) Read more