September 21, 2010 - We first mentioned that W32.Stuxnet targets industrial control systems (ICSs) -- such as those used in pipelines or nuclear power plants -- 2 months ago in our blog here and gave some more technical details here. While we (continue reading...) Read more
September 21, 2010 - Back in July we saw the Stuxnet worm targeting industrial control systems. The Stuxnet authors stole the digital signatures of two Taiwanese chip makers and used them on the rootkit employed by the worm. Just how they were getting their (continue reading...) Read more
September 21, 2010 - Chinese spammers are actively involved in the upcoming celebration of the Mid-Autumn Festival and National day. The Chinese Mid-Autumn Festival (Moon Festival) will occur on September 22 this year andthe government has declared that October 1 is National Day, as (continue reading...) Read more
September 21, 2010 - Posted on behalf of Mathew Nisbet, Malware Data Analyst Today there has been a lot of traffic on Twitter related to a very recently discovered Javascript exploit. It took advantage of the way Twitter handled Javascript in updates. Most of the (continue reading...) Read more
September 17, 2010 - We have been made aware of a recent blog posting pointing to the fact that the print spooler vulnerability used by W32.Stuxnet and addressed in the Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability was in fact (continue reading...) Read more
September 17, 2010 - Our analysis of Stuxnet has been ongoing for some time now, although we have not posted any information on our blog about it we have been continuously analyzing the threat since it was discovered earlier this year. Initial investigation into (continue reading...) Read more
September 17, 2010 - Symantec has observed an increase in the volume of email spam with HTML attachments that contain malicious JavaScript. In the last couple weeks, spammers masquerading as known individuals or companies sent email invitations or business notifications. The message entices recipients to (continue reading...) Read more
September 17, 2010 - We have seen an ever increasing use of PDFs for malicious purposes over the past two years. During this time, we have tracked the growth and usage and have been constantly improving our detections to handle the different evolutions of (continue reading...) Read more
September 17, 2010 - Posted on behalf of Bhaskar Krishnappa, Malware Analyst, Symantec Hosted Services This month, the security world has witnessed two major threats that occurred around the same time. The first one was the mass mailer worm “Here You Have” ( (continue reading...) Read more
September 17, 2010 - The success and penetration of fraudulent security software depends on its ability to scare the user into buying a fake security product. Over the years we have seen that many social engineering techniques have evolved in attempts to achieve this. (continue reading...) Read more
September 15, 2010 - “It can’t happen to me” Hunters and gatherers. Most people think of cybercrime against business to be the work of hunters such as cybercriminals who target then infiltrate a company to steal from it. Reading the newspaper, it’s easy to convince (continue reading...) Read more
September 14, 2010 - Hello and welcome to this month’s blog on the Microsoft patch releases. This is an average size month for releases —the vendor is releasing nine bulletins covering a total of 11 vulnerabilities. Four of the issues are rated “Critical” and affect (continue reading...) Read more
September 14, 2010 - Our continued analysis of W32.Stuxnet has revealed a total of four zero-day vulnerabilities being used by the threat. We have already discussed the .lnk file vulnerability that Stuxnet uses to spread through USB drives here. Further investigations have (continue reading...) Read more
September 13, 2010 - While things had been quiet, we were quite certain that the gang behind Trojan.Hydraq hadn't gone away. It looks like they are back, as we've been seeing evidence of their attacks since January, including an attack I’d like to (continue reading...) Read more
September 10, 2010 - Malware spam is back after a one-month hiatus! The attack has returned to the forefront of the spam threat landscape in the form of .zip and .html attachments, as discussed in the September 2010 State of Spam & Phishing report. (continue reading...) Read more
September 10, 2010 - By Tony Millington, Malware Operations Engineer, Symantec Hosted Services On September 9, 2010 at 15:20 (GMT) MessageLabs Intelligence identified and began blocking a new virus attack using old mass-mailer techniques. Using Skeptic’s patented heuristics, Symantec Hosted Services customers, using MessageLabs Hosted (continue reading...) Read more
September 9, 2010 - Security Response has confirmed reports of a worm spreading through email under the subject "Here you have". The mail to the unsuspecting recipient claims to be providing a document available through a URL. The URL is spoofed and actually points (continue reading...) Read more
September 7, 2010 - A heat wave has hit Russia hard. It has gotten worse and has led to forest fires. Extremely high temperatures across western Russia have reached 35 degrees Celsius (95 degrees Fahrenheit), causing death and creating the worst drought since 1972. (continue reading...) Read more
September 6, 2010 - Symantec has been tracking a recent phishing email attack that is targeting the users of a number of prominent global banking institutions. In this phishing attack it was observed that the spammers are using meaningless, random email headers—possibly in an (continue reading...) Read more
September 3, 2010 - Posted on behalf of Mathew Nisbet, Malware Data Analyst, Symantec Hosted Services The Cutwail botnet has been one of the most prolific spamming botnets during the last two to three years. Even before the McColo ISP takedown in November 2008, Cutwail (continue reading...) Read more