April 4, 2011 - We are pleased to announce that Volume 16 of the Symantec Internet Security Threat Report (ISTR) is now available. There are some significant changes to the report this year, including several new metrics, a revamping of existing metrics, and (continue reading...) Read more
April 4, 2011 - 2011 Internet Security Threat Report Identifies Increased Risks for SMBs Kevin Haley, Director, Symantec Security Technology and Response Small businesses have flexibility that can provide them with a competitive edge in today’s Internet-based market. And, with ever more business being conducted (continue reading...) Read more
March 30, 2011 - Android.Walkinwat is the first mobile phone threat discovered in the wild that attempts to discipline users that download files illegally from unauthorized sites. Figure 1 – Messages displayed by the Trojan Presented as a non-existent version (V 1.3.7) (continue reading...) Read more
March 30, 2011 - In the past couple of days, Symantec has observed a spike of email attacks that are designed to distribute malicious threats. All of the observed samples are spoofed to appear as if they are legitimate delivery warnings or notifications from (continue reading...) Read more
March 29, 2011 - Currently a new and unpatched cross-site scripting (XSS) vulnerability in Facebook is being widely used to automatically post messages to other user’s walls. The vulnerability was used for some time in some smaller cases; however, it is now widely being (continue reading...) Read more
March 23, 2011 - Earlier today news was made public regarding nine fraudulent digital certificates which were issued by a company named Comodo. The certificates were issued through a breached registration authority (RA), causing the applicant to be improperly verified. Mozilla, Google, and Microsoft (continue reading...) Read more
March 23, 2011 - Recently at Symantec Security Response, we came across a seemingly innocuous program which was being hosted at a number of different URLs. What flagged the file as unusual was the fact many different customers were submitting the same file for (continue reading...) Read more
March 21, 2011 - Not only Facebook is adding new and interesting features to its toolbox; spammers and scammers in Facebook are, too. Currently there is a scam making rounds using a classic “who is viewing your profile” themed bait. So far (continue reading...) Read more
March 21, 2011 - When Brian Krebs posted a report about Rustock botnet takedown, Symantec observed a decline in overall spam traffic. Symantec.cloud posted a blog about this, and the Wall Street Journal is now reporting that Microsoft led this takedown. On (continue reading...) Read more
March 18, 2011 - The earthquake and aftershocks which have struck New Zealand in the last few months are still being exploited by spammers and phishers in an attempt to feed upon the fears of Internet users. Symantec has recently observed continued phishing attacks (continue reading...) Read more
March 17, 2011 - Symantec observed a spike of malicious spam activity in the early morning of March 16. These spam samples use subject lines related to the recent natural disaster in Japan and political unrest in the middle east. This blog discusses the (continue reading...) Read more
March 17, 2011 - St. Patrick’s Day is a religious holiday celebrated internationally on March 17. Traditionally, this day is celebrated with festive parades and music in Ireland, Europe, and even New York City. Among the many popular traditions that surround St. Patrick’s Day, (continue reading...) Read more
March 16, 2011 - As predicted in last month’s report, average daily global spam volume increased month-over-month for the first time since August 2010. The average daily spam volume increased 8.7 percent in February. This rise in spam volume also increased the overall spam (continue reading...) Read more
March 15, 2011 - In order to see what is happening in social networks, I sat down and analysed about half a million wall posts from people who have their profile public and visible to everyone over the last month. Obviously this represents only (continue reading...) Read more
March 15, 2011 - Symantec’s telemetry has shown over 12 million Intrusion Prevention Signature (IPS) hits on sub domains of the ‘CO.CC’ domain in the last six months. Anyone somewhat familiar with the top-level domain-naming hierarchy might be lead to believe that CO.CC (continue reading...) Read more
March 15, 2011 - Following the Trojan.Koredos incident, we stumbled upon a very interesting back door Trojan—Backdoor.Prioxer. We received this Trojan from a source that was also infected by Trojan.Koredos, and although we cannot prove a direct link between the two, we (continue reading...) Read more
March 14, 2011 - Only a few days ago, Japan experienced one of the worst earthquakes in its history. The earthquake registered 8.9 on the Richter scale and triggered an enormous tsunami. The heart-wrenching images on television have left the world shaken. It was (continue reading...) Read more
March 11, 2011 - AutoCAD is one of the most popular CAD (Computer-Aided Design) software applications available. It is used extensively in various professions, such as architecture, engineering, construction, infrastructure, manufacturing, and more. Back in December 2003, the first worm written in the AutoLISP scripting (continue reading...) Read more
March 11, 2011 - Recent Distributed Denial of Service (DDoS) attacks on a number South Korean websites have been in news for the past week. The threat responsible for carrying out these attacks is Trojan.Koredos. This attack is reminiscent of another attack, launched (continue reading...) Read more
March 10, 2011 - Following our initial post on the discovery of Android.Bgserv, Symantec has found additional Trojanized samples in the wild. After analysis of these new samples, it appears that the applications contain multiple bugs. In the case of the Trojanized (continue reading...) Read more