January 21, 2010 - You probably have heard the recent news about a widespread attack that was carried out using a 0-Day exploit for Internet Explorer as one of the vectors. This exploit is also known by the name (continue reading...) Read more
January 21, 2010 - On the heels of having learned that Gumblar infected three Japanese websites late last year, MesageLabs Intelligence has tracked Gumblar’s latest activity which has been heavy over the past few days, especially on 17 January when it represented 25 percent (continue reading...) Read more
January 21, 2010 - In our last Trojan.Hydraq (Aurora) blog, The Trojan.Hydraq Incident, we mentioned that one of the components of this Trojan is based on VNC code and has the ability to allow an attacker to control and stream a live (continue reading...) Read more
January 18, 2010 - It has been about a week since news of the mysterious Hydraq Trojan (also known as Aurora) attack broke with the unveiling of a threat by Google to pull its operations out of China. In between then and now there (continue reading...) Read more
January 17, 2010 - News of an exploit being used to target a zero-day vulnerability in Internet Explorer (BID 37815) was announced on Thursday, January 14th. According to Microsoft, the vulnerability affects Internet Explorer 6, 7, and 8, which together make up (continue reading...) Read more
January 15, 2010 - On 31 December 2009 MessageLabs Intelligence began tracking a new botnet, named 'Lethic'. At that time, it accounted for 2.5 percent of all spam. On 1 January 2010 it rose to just under 4 percent of all spam and carried (continue reading...) Read more
January 12, 2010 - Hello and welcome to this month’s blog on the Microsoft patch releases. This month we also have a “Patch Tuesday” from Adobe, and Oracle is releasing their quarterly “Critical Patch Update.” Microsoft’s patches This is a very light month (continue reading...) Read more
January 8, 2010 - Last December we saw a couple of malicious JavaScript strings being pasted into Web sites on compromised servers. The beginning of the scripts look like one of the following: <script>/*GNU GPL*/ try{window.onload = function(){var ~ <script>/*CODE1*/ try{window.onload = function(){var ~ We’ve now confirmed (continue reading...) Read more
January 6, 2010 - When I worked at a small business the IT guy also took care of the phone system, assembled bookcases if needed, and occasionally worked the front desk when the receptionist was on break. In a small business everyone wears many (continue reading...) Read more
December 30, 2009 - Posted on behalf of Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services Happy New Year! The uncertainty of what 2010 will bring news-wise is exactly what makes the spam landscape, well, interesting and unpredictable. Although we can predict general threat (continue reading...) Read more
December 29, 2009 - Over the last few days there have been many articles written about an issue in Microsoft’s Internet Information Services (IIS). This issue allows an attacker to bypass normal security restrictions when uploading a file to a Web application running (continue reading...) Read more
December 21, 2009 - Posted on behalf of Dan Bleaken, Malware Data Analyst, Symantec Hosted Services Symantec Hosted Web Security Service blocks millions of web requests every day to protect employees from content that is either against company policy, or malicious. In a typical week (continue reading...) Read more
December 17, 2009 - We have recently learned of yet another zero-day exploit in Adobe Acrobat. This time it's an overflow for a special type parameter in a function provided by the multimedia.api plugin that can be manipulated from JavaScript in the following (continue reading...) Read more
December 14, 2009 - Posted on behalf of Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services Without a doubt, 2009 was the Year of the Botnet. As reported in the MessageLabs Intelligence Annual Report, by the end of 2009, 83.4 percent of spam (continue reading...) Read more
December 11, 2009 - Posted on behalf of Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services I never like to dwell on the past. But as I reflect more on what an eventful year 2009 has been, there are some highlights worth noting. I (continue reading...) Read more
December 9, 2009 - A peak of new infections of Trojan.Mebroot has been found in the wild and after some investigation the data shows that there is a new wave of Mebroot Trojans being distributed through a popular exploit pack. The binary executables are (continue reading...) Read more
December 8, 2009 - Hello and welcome to this month’s blog on the Microsoft patch releases. This month we also have a "Patch Tuesday" from Adobe. Microsoft's patches Microsoft released six security bulletins to address 12 vulnerabilities; seven are rated "critical." The critical issues affect Internet (continue reading...) Read more
December 8, 2009 - Posted on behalf of Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services A few weeks ago, when Symantec announced our 2010 Predictions, I stated in my accompanying blog post that what we’ve seen this year was ugly (highlight with (continue reading...) Read more
December 3, 2009 - The Mozilla Firefox browser is constantly gaining in popularity. A recent market share survey by Net Applications awards Firefox with 24% of users worldwide. One of the key philosophies of Firefox is that its functionality can easily be extended using (continue reading...) Read more
November 21, 2009 - A new exploit targeting Internet Explorer was published to the BugTraq mailing list yesterday. Symantec has conducted further tests and confirmed that it affects Internet Explorer versions 6 and 7 as well. The exploit currently exhibits signs of poor (continue reading...) Read more