Security Response

Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.
90 Day Global Threats, Risks, and Vulnerabilities Timeline
90 day view of discovered Threats, Security Risks and announced Vulnerabilities brought to you by the DeepSight Threat Management System
Chart categories: Risk, Threat, Vulnerability
90 Day Attack Trends By Region
90 day attack trends by region information brought to you by the DeepSight Threat Management System.
Regions: Australia, Africa, N. America, Europe, S. America, Asia
365 Day Global Spam Percentage
365 day view of the percentage of total global email volume that is spam. Brought to you by Symantec’s Brightmail operations.
Most Active New Threats
Newly discovered threats that Symantec has blocked from customer machines.
Name | Type | Protected | Discovered
Bloodhound.Exploit.341 | Trojan Virus | 07/23/2010 | 07/23/2010
Bloodhound.Exploit.343 | Trojan Virus | 07/23/2010 | 07/23/2010
Bloodhound.Exploit.346 | Trojan Virus | 07/27/2010 | 07/27/2010
Packed.Negmuru | Trojan Virus | 07/17/2010 | 07/16/2010
Trojan.FakeAV!gen36 | Trojan | 07/21/2010 | 07/21/2010
Trojan.Komplexad!gen | Trojan | 07/21/2010 | 07/21/2010
W32.Changeup.C | Worm | 07/23/2010 | 07/23/2010
W32.Queneethan | Worm | 07/23/2010 | 07/21/2010
W32.Stuxnet!lnk | Virus | 07/16/2010 | 07/17/2010
Threat Spotlight: W32.Stuxnet
W32.Stuxnet is a worm that is currently spreading in the wild. This threat takes advantage of a previously unknown technique using .lnk files to spread through USB drives. The worm then drops a rootkit on any computers it successfully compromises.

For further information on this threat, see our W32.Stuxnet and W32.Stuxnet.lnk writeups, as well as our blog entry covering commonly asked questions about the threat. You can also read more about the Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability (BID 41732).
Best Practices for Symantec Endpoint Protection customers
With the rapid rise in the number of malware attacks it’s harder than ever to prevent machines from getting infected. But have you done everything you can do? Have you done the things you must do to stay protected? Following some simple best practices can make a tremendous difference in improving your protection. Symantec has assembled a set of best practices for today’s threat landscape.

Use these recommendations to know what you must, should and can do to protect your endpoints from malware.

Want to go further and really beef up protection on your endpoint machines? Symantec Endpoint Protection has a feature called Application and Device Control that gives you additional tools to protect your endpoints. Find out about Application and Device Control and download rulesets especially created by Symantec to increase your protection. Information available here.
White Paper Spotlight: Pay-Per-Install
Malware was once written mainly for fame and notoriety. However, it has now become a very profitable enterprise, backed by strong business models. The pay-per-install distribution model is based on revenue sharing and commission. Malware authors do not have the resources or bandwidth to spread their malware on a large scale. Instead, they rely on a network of affiliates who distribute the malware and, in return, get paid a commission for every install.

Download the full ‘Pay-Per-Install: The New Malware Distribution Network’ white paper.

View the full set of Symantec Security Response white papers.
Internet Security Threat Report
The Symantec Internet Security Threat Report provides an annual overview and detailed analysis of Internet threat activity, malicious code, and known vulnerabilities. The report also discusses trends in phishing, spam and observed activities on underground economy servers.

The latest report highlights that: malicious activity continues to be pushed to emerging countries; targeted attacks on enterprises are increasing, with Web-based attacks continuing to be a favored attack vector; readily available malicious code kits are making it simple for neophyte attackers to mount attacks; and the online underground economy and malicious activity are benefiting from the downturn in the global economy.

For a review of the threat landscape in 2009, download your copy of Internet Security Threat Report XV.
For quarterly reports about what’s happening in 2010 visit the Symantec Intelligence Quarterly.
Threat Intelligence Twitter Feed
Views and updates from the Symantec Threat Intelligence (Security Response) team on all things security.
http://twitter.com/threatintel
Blog: W32.Stuxnet Variants - http://bit.ly/d7329j 16 hours ago
@marciedead We predicted Mac & mobile malware would increase. Status of our trend predictions at: http://bit.ly/9LowLV yesterday
@kpapapan crypto & access control R common on WiFi rarely used on wire nets; admins rely 2much on phys sec to protect wired nets; more2come yesterday
@ #BlackHatUSA "attribution" is hot topic, no discussion of appropriate responses once incursions are attributed. yesterday
Panel @ #BlackHatUSA asks "is WiFi actually more secure than wired networks?" Consensus: YES! yesterday
"Cyber security and homeland security are now indistinguishable", from BlackHat keynote address yesterday
Latest Posts from Security Response Blogs
Phishing Site Uses Katrina Kaif as Bait

Mathew Maniyara @ Thu, 29 Jul 2010 12:00:28
In the past couple of months, pornography has been used as bait in several ...

W32.Stuxnet Variants

Liam O Murchu @ Thu, 29 Jul 2010 00:40:57
As we have mentioned in a previous blog W32.Stuxnet contains a complex nested ...

Tracking Cookies

Ben Nahorney @ Wed, 28 Jul 2010 08:00:02
Given the millions of threats that Symantec products block every day, you ...

After Football, Scammers Pursue the Cricket World Cup

Mathew Maniyara @ Wed, 28 Jul 2010 02:45:19
The ICC 2011 Cricket World Cup begins on February 17, 2011, and phishing ...

Fraudsters Offering Free Mobile Phone Airtime

Mathew Maniyara @ Wed, 28 Jul 2010 02:27:50
In July 2010, several phishing sites were observed to be spoofing social ...

W32.Changeup: Visual Basic Polymorphic Code Uncovered

Takayoshi Nakayama @ Wed, 28 Jul 2010 01:18:07
W32.Changeup is a type of polymorphic worm written in Visual Basic (VB) ...

Vulnerabilities
A Vulnerability is a state in a computing system (or set of systems) which either (a) allows an attacker to execute commands as another user, (b) allows an attacker to access data that is contrary to the specified access restrictions for that data, (c) allows an attacker to pose as another entity, or (d) allows an attacker to conduct a denial of service.

Stay Secure

Get the latest virus definitions status

Multiple Daily Updates Learn More

  • Symantec Endpoint Protection 11
  • Norton AntiVirus 2008 and newer
Virus Definitions created 7/29/2010
Virus Definitions released 7/29/2010
Defs Version: 120729b
Sequence Number: 113273
Extended Version: 7/29/2010 rev. 2
Total Detections (Threats & Risks): 7580454

Daily Updates Learn More

  • Symantec AntiVirus
  • Norton AntiVirus 2006/2007
Virus Definitions created 7/29/2010
Virus Definitions released 7/29/2010
Defs Version: 120729b
Sequence Number: 113273
Extended Version: 7/29/2010 rev. 2
Total Detections (Threats & Risks): 7580454

Weekly Updates Learn More

Virus Definitions released 7/28/2010

Symantec Endpoint Protection Security Updates Learn More

Proactive Threat Protection: 7/29/2010 rev. 16
Network Threat Protection: 7/28/2010 rev. 4
Norton AntiVirus for Mac Virus Definitions released 7/28/2010
Symantec AntiVirus for Handhelds Virus Definitions released 7/26/2010

Certified Intelligent Updater

The Intelligent Updater virus definitions are fully tested and certified by Quality Assurance. Intelligent Updater is an alternate delivery method for certified definitions, which consists of an executable file that can be downloaded and run manually.

ThreatCon

Level 2: Elevated

Learn more about threat levels
Virus Definitions

Intelligent Updater

Using the Intelligent Updater to update virus definition files. Read article

Submissions
Threat Sample
Submit a suspect file for analysis
Submit Sample Threat
Dispute Submission
Submit a Malware or Phishing False Positive report, or dispute a Security Risk classification or Download Insight rating
Submit Dispute
Software White-List Request
Proactively reduce the risk of false positives on your software
Submit White-List Request