January 18, 2012 - Rootkit stories show up in the mainstream media on a regular basis these days. While these stories raise public awareness about what the bad guys are doing, they usually leave readers wondering what they can do to protect themselves from (continue reading...) Read more
January 17, 2012 - Facebook scams have become a common propagation vector for scammers to earn commissions. But once in a while, something interesting happens that makes security researchers sit up and take notice. One such case is a scam that is currently fooling (continue reading...) Read more
January 12, 2012 - During the summer of 2011, one-click fraud targeting smartphones was discovered. One-click fraud has now become so common that doing a quick search for certain keywords on the Internet using a smartphone leads to a high possibility of coming across (continue reading...) Read more
January 10, 2012 - Hello, welcome to this month’s blog on the Microsoft patch release. This is a smaller month—the vendor is releasing seven bulletins covering a total of eight vulnerabilities. Only one of this month's issues is rated 'Critical' and it affects Windows Media. (continue reading...) Read more
January 10, 2012 - 2011 has seen some dramatic changes in the mobile landscape, with the ever-increasing growth rates in consumer adoption of smart phones. This has not gone on without getting the attention of the criminal fraternity, which has turned its attention to (continue reading...) Read more
January 9, 2012 - Contributors: Conor Murray, Paul Mangan. Fraudulent apps appearing on the official Android marketplace is an ongoing issue and one that we have blogged about in the past. Today we received reports of yet more fraudulent apps capitalizing on popular game (continue reading...) Read more
January 6, 2012 - A hacking group has gained access to some of the source code for Symantec's anti-virus product, that they claim they stole from Indian government servers. Read more
December 29, 2011 - Recently, we discovered malware in the wild in the form of document files, such as PDF and Word, using password protection. The malware are used as attachments in email in limited, targeted attacks. Passwords for document files are commonly used to (continue reading...) Read more
December 23, 2011 - Adobe Systems released a security update for Adobe Acrobat and Reader 9.x for Windows on December 16, 2011, in order to fix a zero-day vulnerability. As Vikram Thakur reported recently, there have been zero-day attacks using this PDF (continue reading...) Read more
December 19, 2011 - Hacktisivm, or as one blogger put it “Revolution 2.0”, is something I would describe as an activist agenda where there may be no visible monetary gain by the instigator. Instead the overall goal is to send a message or get (continue reading...) Read more
December 13, 2011 - Hello, welcome to this month’s blog on the Microsoft patch release. This is an average month—the vendor is releasing 13 bulletins covering a total of 19 vulnerabilities. Three of this month's issues are rated ‘Critical’ and they affect Media Player, Microsoft (continue reading...) Read more
December 13, 2011 - Thanks to Masaki Suenaga and Andy Xies for their analysis. Following the tweet from our @threatintel Twitter account last night about malicious applications targeting users in European countries, Symantec Security Response has identified another group of fraudulent apps on the (continue reading...) Read more
December 12, 2011 - Authored by Tony Millington and Gavin O’Gorman The intercepted email in this blog was provided by Symantec.cloud. The Nitro Attacks whitepaper, published by Symantec Security Response, was a snapshot of a hacking group’s activity spanning July 2011 to September 2011. (continue reading...) Read more
December 8, 2011 - Thanks to Stephen Doherty, Andrea Lelli, Nicolas Falliere, Paul Mangan, Asuka Yamamoto, and Sean Kiernan for their technical contributions. Recently, we posted two blogs about attacks leveraging the latest Adobe vulnerability. These attacks are part of a long-running series (continue reading...) Read more
December 8, 2011 - As underhanded as it is, there are people out there who want to spy on other people’s smartphone activity. However anyone looking to invade the privacy of a smartphone user may just as likely find themselves becoming a victim of (continue reading...) Read more
December 7, 2011 - With contributions from Manoj Venugopalan, Senior Malware Analyst, Symantec Introduction A new day and a new zero day PDF exploit used in a Targeted attack which our Skeptic heuristic engine stopped. This one exploits a vulnerability in the 3D engine in (continue reading...) Read more
December 7, 2011 - Adobe has issued a public advisory regarding a critical vulnerability (CVE-2011-2462) that affects: Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh Adobe Reader 9.4.6 and earlier 9.x versions (continue reading...) Read more
December 7, 2011 - Spammers have used scare tactics in the past, notably during the swine flu outbreak in 2009. A similar spam campaign using scare tactics was observed during the weeks leading up to April 1, 2010 as an expansion of the (continue reading...) Read more
December 6, 2011 - Global spam is now at the lowest it has been since November 2008, when the rogue ISP McColo was closed-down. The effect on spam volumes back then were very dramatic and spam accounted for 68.0% of global emails. More recently (continue reading...) Read more
November 30, 2011 - A wise man once said, “Whoever wishes to foresee the future must consult the past; for human events ever resemble those of preceding times.” (Machiavelli). Thus, looking back at the major cyber security trends of 2011 helps us gain perspective (continue reading...) Read more