November 28, 2011 - Article contributed by Emily Liu, Symantec Security Response Technician Most of the Russian spam emails we usually encounter are about online advertising, product promotion, and training workshops. These spam emails typically are sent out unsolicited from free or hijacked personal email (continue reading...) Read more
November 28, 2011 - Recently, Symantec observed a modified variant of Zeusbot/Spyeye which uses peer-to-peer (P2P) architecture to communicate. The original Zeusbot communicated directly with its C&C server to download configuration data and upload stolen information. This was a major point of failure for (continue reading...) Read more
November 22, 2011 - A type of fraud involving adult related content, called “one-click fraud”, has been targeting computer users in Japan for a while now. Typically, the fraud involves users attempting to access content on websites, which are usually pornography-related. When a user (continue reading...) Read more
November 21, 2011 - How does Symantec know it's the week of Thanksgiving? Because as the busiest travel day of the year day quickly approaches, the day just before Thanksgiving , there is a surge in fake email ticket confirmations that lead to viruses. Here (continue reading...) Read more
November 21, 2011 - Recently ProofPoint posted a blog with a chart detailing some of the differences between Symantec.cloud (formerly MessageLabs) and ProofPoint technologies. Several of the side-by-side comparisons are inaccurate, so we are posting this blog to address the factual inaccuracies. In the section (continue reading...) Read more
November 10, 2011 - Sporting events are always popular among the spammers. Formula 1, a game of speed, thrill, and action, is no exception. In the past we have seen spam messages ranging from cheap and/or fake game tickets to phishing around almost all (continue reading...) Read more
November 10, 2011 - Here’s a money making idea: find some advertisers and tell them you can put their ads on billboards at half the going rate. You don't own any billboards? No problem, just go paste the ads over the ones on someone (continue reading...) Read more
November 8, 2011 - Hello, welcome to this month’s blog on the Microsoft patch release. This is a small month—the vendor is releasing four bulletins covering a total of four vulnerabilities. Only one of this month's issues is rated ‘Critical’ and it affects the Windows (continue reading...) Read more
November 6, 2011 - In late September 2011, it was reported that a previously unknown and un-patched vulnerability in Hancom Office (a word processing software predominantly used in Korea) was exploited in the wild. We often hear of new exploits targeting software used (continue reading...) Read more
November 1, 2011 - The group that initially discovered the original Duqu binaries, CrySyS, has since located an installer for the Duqu threat. Thus far, no-one had been able to recover the installer for the threat and therefore no-one had any idea (continue reading...) Read more
October 31, 2011 - Contributor: Anand Muralidharan Recently, the death of Libyan leader Muammar Gaddafi triggered a malware attack which Symantec previously blogged about. We have observed spammers' continued delight with this news event through the sending of malicious attack and 419 spam messages. In (continue reading...) Read more
October 27, 2011 - Recently, a new threat called Android.Fakeneflic has taken advantage of gaps in the availability of a legitimate video streaming service in order to target mobile users in North America. Here is another example of social engineering at work; (continue reading...) Read more
October 27, 2011 - Over the last few months we have been trying to look deeper into how Web-based malware gets distributed. A lot has been written about the underground economy and how one can buy exploit kits, such as Blackhole, from underground websites. (continue reading...) Read more
October 27, 2011 - In the last few months we have seen a variety of spam campaigns propagating on social networking websites. Most of these attacks use some flavor of social engineering tactics. Every now and then, we see some innovative social engineering techniques (continue reading...) Read more
October 26, 2011 - In recent days, we have seen blogs about a specific type of Mass Injection campaign. We take this opportunity to publish our findings in this blog. This particular campaign has already picked up pace and it is infecting a lot of (continue reading...) Read more
October 23, 2011 - Threat Analysis: Alan Neville As word spreads of the death of Muammar Gadhafi, cybercriminals are starting to take advantage. We are already seeing spam campaigns related to his death with malicious attachments. Here are a couple of examples of what we (continue reading...) Read more
October 21, 2011 - I wrote Symantec's original blog post describing the discovery of Duqu. In that blog I use the term "industrial control system manufacturers" and (after discussions with a variety of parties) we want to change that term to "industrial industry (continue reading...) Read more
October 21, 2011 - As mentioned in our previous blog, W32.Duqu was first brought to our attention by a research lab who had been investigating a targeted attack on another organization. This research was conducted by the Laboratory of Cryptography and System Security (continue reading...) Read more
October 18, 2011 - On October 14, 2011, a research lab with strong international connections alerted us to a sample that appeared to be very similar to Stuxnet. They named the threat "Duqu" because it creates files with the file name prefix (continue reading...) Read more
October 14, 2011 - Do you know which of these Instant Messaging (IM) scenarios could put a company at risk and which are harmless? Have you (or someone you know) ever… Sent a file over IM to a coworker who needed it ASAP? Clicked on a (continue reading...) Read more