January 4, 2011 - A new variant of the infamous Waledac worm has come to light due to our friends at Shadowserver.com. Symantec detects this variant as W32.Waledac.B. The Modus Operandi used in this Waledac campaign has not changed much since we (continue reading...) Read more
January 4, 2011 - Posted on behalf of Mathew Nisbet, Malware Data Analyst Over the 2010 Christmas holiday, the level of spam in circulation has dropped drastically. For example, at the time of writing, the amount of spam hitting our spam honeypots is the lowest (continue reading...) Read more
December 21, 2010 - Posted on behalf of Martin Lee, Senior Software Engineer, Symantec Hosted Services Information security is all about maintaining the confidentiality, integrity and availability of data. At this time of year, no information security asset is more important than Santa’s ‘naughty or (continue reading...) Read more
December 21, 2010 - Following my recent blog on W32.Yimfoca.B, it was clear that W32.Yimfoca also received a facelift (no pun intended). W32.Yimfoca.B spreads through instant messaging applications and once installed will download and install W32.Yimfoca. The latest version of W32.Yimfoca is (continue reading...) Read more
December 17, 2010 - Posted on behalf of Matt Sergeant, Senior Anti-spam Technologist, Symantec Hosted Services As of this week, Canada joins the rest of the G8 countries with its very own anti-spam law. Until now, Canada has been the only G8 country without anti-spam (continue reading...) Read more
December 17, 2010 - Bad predictions are soon forgotten. This can be a blessing for those in the prediction business. The guy on the local news that predicts the weather doesn’t always get it right, but we still tune in the next night for the (continue reading...) Read more
December 17, 2010 - We have recently found samples of a new C&C (command-and-control) engine, named Dream Loader, and detected as Trojan.Karagany by Symantec products, that is being used in the wild. The engine comes in a pack that contains both a builder (continue reading...) Read more
December 17, 2010 - Posted on behalf of Nicholas Johnston, Senior Software Engineer, Symantec Hosted Services This year's soccer FIFA World Cup in South Africa, enjoyed by millions, was also used by both 419/advance fee fraud scammers and malware authors to lure unsuspecting victims into (continue reading...) Read more
December 16, 2010 - The volume of spam continues to drop. We have been monitoring the decline in overall spam volume over the last few months, and the downtrend continued in November. The average daily volume in November dropped 17.4 percent month-over-month. Compared to (continue reading...) Read more
December 15, 2010 - I notice that among the 17 security bulletins just released by Microsoft on Patch Tuesday, MS10-092 addresses the Task Scheduler vulnerability prominently exploited by Win32/Stuxnet. We will be updating our Stuxnet analysis shortly, but what's really notable about this (continue reading...) Read more
December 14, 2010 - Hello and welcome to this month’s blog on the Microsoft patch release. This is another large release —the vendor is releasing 17 bulletins covering a total of 40 vulnerabilities. Eight of the issues are rated ‘Critical’ and they affect Internet Explorer (continue reading...) Read more
December 10, 2010 - Posted on behalf of Nicholas Johnston, Senior Software Engineer, Symantec Hosted Services Spammers abusing free hosting sites by using them for hosting spam-related content is nothing new, but this abuse has turned into much more sophisticated, multi-layer abuse. Instead of just including (continue reading...) Read more
December 7, 2010 - Posted on behalf of Tony Millington, Malware Operations Engineer, Symantec Hosted Services On Friday 3rd December at 12:41 Skeptic stopped a new virus that we had not seen before, a targeted attack against a government body using WikiLeaks as social engineering (continue reading...) Read more
December 7, 2010 - Wikileaks.org is in the news after their recent publications linked to leaked government documents. Spammers are now leveraging the current level of interest with social engineering techniques to infect users’ computers. Symantec is observing a wave of spam spoofing WikiLeaks (continue reading...) Read more
December 7, 2010 - We have become familiar enough with malware creators poisoning popular search engine terms through SEO techniques in order to deliver their malicious files to a greater pool of unsuspecting users. Other popular services such as Twitter have not escaped the (continue reading...) Read more
December 6, 2010 - The latest W32.Yimfoca.B variants can target malicious links in no fewer than 44 countries and nearly 20 different languages. It has also increased the number of instant messaging applications to include most of the popular IM clients. Here is a (continue reading...) Read more
December 6, 2010 - Tomorrow (December 7) we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the (continue reading...) Read more
December 6, 2010 - Tomorrow (December 7) we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the (continue reading...) Read more
December 3, 2010 - On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the (continue reading...) Read more
December 2, 2010 - Posted on behalf of Martin Lee, Senior Software Engineer, Symantec Hosted Services Targeted Trojans are bespoke pieces of malware written by someone who is trying to access information from an identified individual. This particular Trojan demonstrates some of the tricks used (continue reading...) Read more