September 13, 2011 - (Note: This blog was written on September 2. We decided to postpone publishing it due to an ongoing joint effort to shut down servers and block domain names. The variant studied is not the latest but accurately reflects the functionalities (continue reading...)
September 13, 2011 - Thanks to Takayoshi Nakayama for his research and contributions to this blog. Targeted attacks have been a pretty popular topic of discussion in the security industry in recent years. Many may recall the incident involving Hydraq—from January 2010—and Shady (continue reading...)
September 13, 2011 - Hello and welcome to this month’s blog regarding the Microsoft patch release. This is a smaller month in terms of patches—the vendor has released five bulletins covering a total of 15 vulnerabilities. This month, all of the issues are rated “Important” (continue reading...)
September 9, 2011 - Thanks to Vivek Krishnamurthi for contributing to this blog. Every sensitive event is an opportunity to exploit. With this motive in the background, it is not surprising to see spammers exploit 9/11. With the 10th anniversary of the tragedy just a (continue reading...)
September 8, 2011 - As we've covered extensively on the Symantec Intelligence blog in the past, 419 or advance fee fraud scammers are highly skilled at using current events to their advantage. Recently we have seen scams taking advantage of unrest in Libya, the (continue reading...)
September 7, 2011 - Ten years later, it is tempting to say that the September 11th terrorist attacks against the U.S. changed everything. It is indisputable that it changed many things, and without a doubt it changed how we think about security, how we (continue reading...)
September 6, 2011 - Thanks to Amit Kulkarni for his contributions to this blog. Since its launch, the Apple iPhone has been on the wish lists of most consumers. The iPhone 4 has already made an impression in the marketplace, so it is obvious that (continue reading...)
September 5, 2011 - In February this year the Symantec Intelligence Blog covered how 419 or advance fee fraud scammers were using the unrest in Libya to their advantage. As we've extensively covered in the past on the blog, 419 scammers are skilled at (continue reading...)
September 1, 2011 - Picture this news story: “42 suspects in three countries were arrested today in connection with the attempted theft of intellectual property from XYZ Corp. XYZ Corp. worked with law enforcement in each country in order to identify and apprehend the (continue reading...)
August 31, 2011 - There has been a lot of coverage of the recent RDP-capable W32.Morto worm, but one of the more interesting aspects of the worm’s behavior appears to have been overlooked. Most malware that we have seen recently has some (continue reading...)
August 30, 2011 - Famous or infamous, when you make news, the scammers pay attention. While we have come to expect the famous and infamous to show up in malware attacks that use spam and SEO poisoning, we shouldn’t be surprised when scammers leverage (continue reading...)
August 29, 2011 - Scammers love to feast on human weakness. This time they aim to exploit human ‘need and greed’ to its optimum best. Using recent news is quite common in spam. For example the Libyan uprising, with its rise and fall of (continue reading...)
August 26, 2011 - W32.Xpaj.B is one of the most complex and sophisticated file infectors Symantec has encountered. In an older blog post, Piotr Krysiuk calls it an “upper crust file infector.” He describes several different approaches that the infector uses to (continue reading...)
August 23, 2011 - As you sit down and open Outlook to delete yet another “Satisfy her in bed tonight!” solicitation from Angelina Jolie, do you ever wonder if every spam email on earth looks the same? It is true that certain phrases in (continue reading...)
August 23, 2011 - W32.Virut is a Windows file infector that’s been around since 2006. It usually makes the top 10 in threat charts and therefore deserves regular scrutiny. Analysis of recent variants shows that changes were made to strengthen the communication protocol between (continue reading...)
August 23, 2011 - Technical analysis: Poul Jensen. Illustrations: Ben Nahorney. It is a given that many malicious software threats seen today will download additional software components to perform various activities. With the transition from malware for fun to profit-driven malware and the connected nature (continue reading...)
August 22, 2011 - In the past we have seen malicious attacks pretending to be shipment notifications from various parcel delivery services. Now the New York State DMV has become the latest “brandjacking” victim for a series of malware attacks. Here is what the fake (continue reading...)
August 22, 2011 - In the past few weeks, we have observed an old spam tactic re-emerging. Spammers are again using news feed to populate the subject header of spam messages. This technique has been used in the past in the form of (continue reading...)
August 19, 2011 - In 2004, Massachusetts Senator Edward “Ted” Kennedy was refused an airline boarding pass by the Transportation Security Administration (TSA) on five different occasions. Despite being from one of the most famous families in American politics, not to mention being a U.S. (continue reading...)
August 18, 2011 - An increasing number of photo sharing and social networking sites have facial recognition software to help users identify and “tag” people in photos. I don’t have much use for this type of feature; for me looking at old photos is (continue reading...)