Latest Posts
W32.Downadup Infection Statistics
Security Intel Analysis Team @ January 6, 2009 8:39:43 PM
The W32.Downadup.A worm was the first worm discovered in the wild that was successfully leveraging MS08-067 in a widespread fashion. Symantec carried out an in-...
2008—Ending With a Bang
Security Intel Analysis Team @ December 31, 2008 12:07:48 AM
This has been an interesting year for high-profile vulnerabilities and security research. In 2008, awareness has been raised about a number of high impact, remo...
Merry Christmas from Arnold Schwarzenegger! (?)
Liam O Murchu @ December 29, 2008 12:06:47 PM
W32.Waledac is a worm that sends emails containing a link to an apparent Christmas e-card that you have received. However, when the link for the e-card in the e...
Phishing Attacks Utilizing Port Numbers
Sai Nayaran Nambiar @ December 23, 2008 9:00:55 PM
There are varying types of technologies used by online attackers these days. There are old tricks and of course new ones, but it is the newer ones that make it ...
Data Protection
Top Data Protection Myths - Myth 3
JasonFisher @ September 9, 2008 10:36:14 PM
Upgrading your data protection software is generally perceived as a painful process among the IT crowd. At the same time, that crowd is seeing the need to up...
Risk Management and Data Protection
TimBur @ September 18, 2008 3:02:56 PM
The idea of risk management is in the news lately, given the turmoil in the financial markets. Working in data protection, we think long and hard about risk man...
Mealtime in South America Makes Me Think About Backing Up VMware
Daniel Hoffer @ September 9, 2008 3:42:26 PM
I’ve spent the last couple weeks travelling through Latin America (Mexico, Brazil, and Argentina) and the one commonality between my experiences in each of t...
Top Data Protection Myths - Myth 6
JasonFisher @ September 12, 2008 7:00:10 PM
Just in time for VMworld this week, I'd like to debunk one last myth around data protection - the myth that virtual machines automatically require an additiona...
Emerging
Black Hat Review - Conclusion
Anthony Roe @ August 14, 2008 6:47:54 PM
Well, sadly the time seemed to fly by and last week's conference ended more quickly than I would have liked. I didn't have the time to stay in Vegas and atte...
Symantec – How We Win at Securing Customers in a Virtual World
Tom Thomassen @ October 7, 2008 2:39:11 PM
Symantec's Cutting Edge 2008 engineering conference had a remarkable symmetry on the second day. The first keynote was delivered by Enrique Salem, COO of Sym...
It's All About Reputation
Carey Nachenberg @ October 2, 2008 1:54:41 PM
In a nutshell, Symantec's new approach to detecting threats automatically derives reputation ratings (e.g. safe, unknown, unsafe) for every executable file a...
How We Win – Openly
Rob Clyde @ October 2, 2008 10:10:08 PM
Here at Cutting Edge we have a lot of exciting technological developments and innovations to share. At the top of the list for me is the Symantec Open Collab...
Evolution Of Security
Security Bugs Vs. Regular Bugs
Jesse Gough @ August 28, 2008 5:29:02 PM
There has been much debate recently that stems from discussions related to Linux kernel development, over whether or not security vulnerabilities should be t...
PCI-DSS Version 1.2 - Changes Forthcoming
Jesse Gough @ August 26, 2008 6:53:35 PM
The PCI Security Standards Council has released a summary of changes and clarifications for version 1.2 of the PCI-DSS standard, which is scheduled for relea...
Elcomsoft Debuts Graphics Processing Unit (GPU) Password Recovery Advancement
Erik Kamerling @ November 12, 2007 8:00:00 AM
On October 25, 2007, Elcomsoft Co Ltd. in Moscow, Russia filed for a US patent on a reportedly new password recovery method that makes use of a video card's ...
Hacking the Bubble
Marc Fossi @ July 25, 2007 7:00:00 AM
Hacking has existed in one form or another for quite some time. Just as the Internet grew by leaps and bounds in the '90s, so did the hacking community. Whil...
Grab Bag
The Security Response Blog Will be Changing its RSS Feed
Trevor Mack @ October 20, 2008 11:30:53 PM
This Thursday morning (Pacific Daylight Time), October 23rd, we will switch over our RSS feed to a new URL. Please be sure to update your RSS feeds to use the n...
Can You Check This for Me?
M.K. Low @ June 23, 2008 7:06:05 PM
Recently, during her vacation to visit me, my sister forgot her cell phone and had to use her credit card in a pay phone to call me. Later that day, she tried t...
Safe Summer Travels on the Information Superhighway
Zulfikar Ramzan @ August 1, 2008 4:37:51 PM
With the Olympics right around the corner and being that we are in the heart of the summer, I’m sure many of you will find yourselves travelling quite extens...
Rg00dP@55Wrd53z?
Ben Nahorney @ July 18, 2008 2:41:31 PM
Tell me if this sounds like a familiar scenario. You’ve come up with a brilliant password – it’s strong, easy to remember, and you’ve finally mastered the fi...
ISTR
Symantec Report on the Underground Economy – Goods and Services Advertised
Marika Pauls Laucht @ November 26, 2008 10:22:03 AM
The online underground economy has evolved into a full-fledged marketplace where participants advertise and traffic stolen information, provide services to aid ...
Symantec Report on the Underground Economy – Malicious Tools
David McKinney @ November 27, 2008 1:16:30 PM
The newly released Symantec Report on the Underground Economy discusses a number of topics, including the supply and demand of goods and services that were adve...
I'd Buy That for $10
M.K. Low @ July 10, 2008 3:14:29 PM
The costs of most goods are so much higher than they were 30 years ago. Back then, cars were under $10,000 (I remember this because the Price is Right only h...
Symantec Report on the Underground Economy: Self-Sustaining Economy
M.K. Low @ November 24, 2008 2:42:14 PM
Underground economy servers are black market forums used to advertise and traffic stolen information. The information can include government-issued identificati...
IT Risk Management
Dispelling Myth 2: IT Risk Management is a Project
Jeremy Ward @ February 4, 2008 8:00:00 AM
So you’ve got a project to manage the risk to your IT systems? Well, in actual fact you probably haven’t! (It’s more likely that you’re too busy dealing with...
A Closer Look at “Risk Mitigation”
Tim Gallo @ November 1, 2007 7:00:00 AM
I recently attended a pair of conferences in Las Vegas (yes, lovely Las Vegas). Not only was it hot, but because I was staying in one hotel and the conferenc...
Ask the Expert - Social Networking
Kevin Haley @ January 24, 2008 8:00:00 AM
Social networking sites are an increasingly popular way for people to keep in contact with friends, family and business colleagues. These sites offer a rich ...
IT Risk and the Millennials
Samir Kapuria @ December 20, 2007 8:00:00 AM
I know, it sounds like the name of an old school rock band, but it’s not. It’s actually going to be one of the most pressing issues for IT in 2008. With mill...
Malicious Code
Trojan.Gpcoder Revisited
Eoin Ward @ June 13, 2008 6:19:22 PM
Trojan.Gpcoder is a particularly nasty threat that uses public key cryptography to encrypt files on a person’s computer and subsequently requests payment from t...
Vulnerabilities in Malicious Code – Owning the Owners, Part I
Davide Veneziano @ October 17, 2008 5:52:50 PM
Volume XIII of the Symantec Internet Security Threat Report highlighted the fact that the number of vulnerabilities affecting web applications is growing. Howev...
Trojan.Silentbanker Decryption
Liam O Murchu @ October 10, 2008 9:01:42 AM
On Monday we saw that Trojan.Silentbanker had added rootkit functionality in order to hide its own files. Today we'll look at another change that the new ver...
All Your (Data)base Are Belong to Trojan.Eskiuel
Andrea Lelli @ September 17, 2008 4:21:10 PM
Modern SQL databases are flexible, efficient, and can run commands at an OS level easily - a perfect target from a malicious code perspective! Our honeypot ser...
Mobile & Wireless
Tall Latte, Hold the Malware
Henry Bell @ August 20, 2008 5:20:52 PM
There’s nothing like coffee one-upmanship to make the blood boil. “You’re still drinking lattes? With actual milk from a cow? Good grief, where have you been...
A Smart Worm for a Smartphone – WinCE.PmCryptic.A
Andrea Lelli @ November 13, 2008 10:41:15 PM
We have already seen a file infector working on smartphones (see WinCE.Duts.A) and a worm that could spread by infecting storage cards (see WinCE.Infomeiti). No...
Google's Android Phone
Eric Chien @ November 12, 2007 8:00:00 AM
All of the recent rumors about Google releasing a "gPhone" were finally put to rest with their release of Android, which is a software stack for mo...
First Sightings of Malicious iPhone Package
Orla Cox @ January 7, 2008 8:00:00 AM
Reports started appearing on Saturday regarding the existence of malicious packages for the Apple iPhone. A package called "iPhone firmware 1.1.3 prep"...
Online Fraud
A Guide for Beating Phishing Attacks
Kelly Conley @ October 21, 2008 11:37:52 PM
Phishing is a way for individuals who are known as "phishers" to obtain your private information such as bank account details and passwords. Phishing messages c...
Reactive Phishing Defenses - Part 2
Antonio Forzieri @ October 27, 2008 6:01:57 PM
My previous blog article was intended to highlight two new features observed in a number of phishing kits that held the aim of making the lives of security anal...
Buyer Beware - Scam Olympic Ticketing Sites About
Hon Lau @ August 4, 2008 6:19:56 PM
A timely warning to those wishing to purchase last minute tickets for the Beijing Olympic Games of 2008 to beware of scams and rip offs. There are some fake ...
Did You Catch Some Phish?
Davide Veneziano @ September 29, 2008 11:22:15 PM
The evolution of a phishing attack is quite straightforward. At first, the fraudsters compromise a vulnerable server and deploy a package called a "phis...
Security Risks
The (File)Name Game!
Elia Florio @ October 3, 2008 6:38:15 PM
Digging into our honeypots and spam-trap systems to look for malicious attachments is always an interesting exercise. We can identify different spam campaign...
Misleading Application Targets Free Online Services
Umesh Wanve @ September 3, 2008 4:44:16 PM
We have seen in recent times that malicious binaries are spreading through social engineering attack vectors like spam emails, phishing, and social networkin...
Cloning Shop for Mac Users Now Open!
Alfredo Pesoli @ March 21, 2008 7:00:00 AM
This week, our friends at Trend blogged about a new misleading application for the Mac. We decided to take a look at it as well. The application, named iMuni...
Yet another Site Falls Prey to XP Antivirus
Vikram Thakur @ March 25, 2008 7:00:00 AM
A couple of weekends ago, I was doing exactly what most computer users do in their free time. I was sitting in front of the computer, visiting sites that I have...
Spam
Symantec State of Spam Report - July
Kelly Conley @ July 2, 2008 1:49:52 PM
The July State of Spam Report opens with optimistic words from 2004, from one Bill Gates: “Two years from now, spam will be solved.” While we wish that we could...
Bye Bye Bandwidth?
Silas Barnes @ July 11, 2008 4:40:35 PM
Everyone knows that in a matter of hours, hype can turn a small event into something much larger in the minds of society. Enter the latest round of malicious...
Dramatic Spike in the Number of Email Messages Containing Malware
Kelly Conley @ October 6, 2008 7:14:26 PM
The trend of spam messages containing URL links to malicious code and/or carrying malicious payloads has dramatically spiked since May of this year. This tre...
Spammers Continue to Wage Their Own U.S. Presidential Campaigns
Dermot Harnett @ November 5, 2008 9:24:21 PM
While the U.S. voters have now been heard and are welcoming their new president, it is important for us to remember that the spam campaign is certainly not over...
Vulnerabilities & Exploits
ActiveX File Overwrite/Delete Vulnerabilities - Continued
Parveen Vashishtha @ October 28, 2008 6:38:25 PM
In a blog article from last year, I discussed the rise in popularity of exploits using ActiveX overwrite/delete vulnerabilities due to their ease of use. Since ...
Microsoft Patch Tuesday for September 2008
Robert Keith @ September 9, 2008 6:01:10 PM
All of the vulnerabilities this month are client-side issues rated "critical." Five of the issues affect the GDI+ graphics library; the rest affect...
Microsoft Patch Tuesday for June 2008
Robert Keith @ June 10, 2008 11:58:54 PM
Hello and welcome to this month’s blog on the Microsoft patch releases. The vendor is releasing seven bulletins that cover a total of 10 vulnerabilities. Of ...
Microsoft Patch Tuesday for October 2008
Robert Keith @ October 14, 2008 7:02:30 PM
Hello and welcome to this month’s blog on the Microsoft patch releases. This is another fairly heavy month, with 11 bulletins covering 20 vulnerabilities....
Windows Vista
Microsoft Patch Tuesday for December
Robert Keith @ December 11, 2007 8:00:00 AM
Hello, and welcome to this month’s blog on the Microsoft patch releases. Microsoft released seven bulletins this month, covering a total of eleven vulnerabiliti...
Windows Vista Network Attack Surface Analysis: An Update
Jim Hoagland @ March 7, 2007 8:00:00 AM
Greetings. For the last four months we have been busy taking a look at the release (RTM) version of Windows Vista in an effort to update our Windows Vista Netwo...
Microsoft's Inaccurate Teredo Documentation, and Other Vista CVEs
Jim Hoagland @ April 3, 2007 7:00:00 AM
Last week the CVE project issued nine new CVEs for Vista, numbered CVE-2007-1527 through CVE-2007-1535. While these CVEs were directly based on our findings in ...
Code Signing and UAC–It Just Gets Better
Ollie Whitehouse @ March 12, 2007 7:00:00 AM
Code Signing and UAC in Windows Vista have a relationship that should not be underestimated. Code Signing allows UAC to provide a user with the details of an ap...








