Video Screencast Help
Reality Check
Showing posts tagged with Basics
Showing posts in English
Ctrox | 14 Jan 2010 | 6 comments

Recently, Symantec convened a panel of researchers to review the 2009 threat landscape and to discuss what we can expect in 2010.

The group was unanimous in saying what we saw this year was ugly. Botnets prevailed and took over as a primary means of disseminating spam and spreading malware, while social engineering attacks became more sophisticated.

But the group was also in agreement in saying that what we experienced this year will pale in comparison to what 2010 will bring: “fast flux” botnets will dominate, rogue security software vendors will up their game, and fraud targeted at social networking applications will grow.

That’s the bad news. The good news is that with some preparation and the right security solutions in place, we can continue to outsmart the bad guys.

Here are the security trends that are likely to be noteworthy in 2010: 

  • Social engineering will be the primary attack vector –...
Ctrox | 11 Jan 2010 | 0 comments

The emails arrive bearing subject lines such as “State Vaccination H1N1 Program,” “Governmental registration program on the H1N1 vaccination,” and “Create your personal Vaccination Profile.” Purportedly from the Centers for Disease Control, the messages urge recipients to register for H1N1 vaccinations.

The problem is they’re bogus.

The messages lead users to an official-looking CDC site where they’re asked to create a profile in order to receive a vaccination for the swine flu. The site encourages users to download a vaccination profile archive and includes a link to the download.

Clicking on the link, however, actually downloads and installs a new variant of the “Zbot” Trojan horse. Called “Zeus” by some security companies, the malware is a bot Trojan that hijacks the Windows PC for nefarious activities, including sending out more spam.

It’s just the latest example of the way...

Ctrox | 11 Jan 2010 | 0 comments

Never at a loss to cook up new and ingenious scams, cyber-criminals are using increasingly persuasive online scare tactics to convince users to purchase rogue security software.

Rogue security software, also known as “scareware,” pretends to be legitimate security software but actually provides little or no value and may even install malicious code on a user’s computer.

According to the recently released Symantec Report on Rogue Security Software, there are two main ways in which rogue security software is installed on a computer: either it is downloaded and installed manually by a user after he or she has been tricked into believing that the software is legitimate, or it is unknowingly installed onto a computer when a user visits a malicious website.

Rogue security software is advertised in a variety of locations, including malicious and...