Security Community Blog
Showing posts tagged with Security Risks
rcarela | 01 Feb 2010 | 0 comments

The South Florida Security & Compliance User Group Board of Directors would like to thank everyone who attended the meeting at the Citrix Building on January 28, 2010. Attached are the PowerPoint presentations that took place. If anyone would like to present or host a future meeting, please let us know. Please spread the word about our group! If our group continues to grow, so will our experience and knowledge.

The PowerPoint presentation files:

  • BE12_VCB is titled: Symantec Backup Exec 12.5 VMware - Virtual Consolidate Backup
  • SIMs is titled: Security Information Managers [SIM/SIEM]

More to come in the near future. Please continue to benefit from using our resources at Symantec.

jumbosafari | 22 Jan 2010 | 2 comments

A question.
Does Norton AntiVirus 2008 stop autorun viruses on external media before they actually run?
I get the notification from Norton in the taskbar, but my fear is the virus has already executed, then Norton notifies me.
I can be wrong; maybe Norton stops the autorun virus from executing and then notifies me.
Any help would be great. Thanks.

fulldecent | 02 Jan 2010 | 0 comments

I don't see how to reply with a comment. Instead I am posting in reply to 
SMS Subscription Via Fake IQ Test

I have added details about an exploit for IQ tests with SMS payments at

MarissaVicario | 17 Nov 2009 | 0 comments

Posted on behalf of Paul Wood

This week I had the pleasure of sitting on a panel with some of the best and the brightest among my Symantec colleagues to reflect on 2009’s threat landscape and what we anticipate for the year ahead.

We concur that what we’ve seen this year was ugly. Botnets prevailed and took over as a primary means of spamming and spreading malware, and social engineering attacks became more sophisticated. But what we also know is that this year pales in comparison to what 2010 is expected to bring: fast-flux botnets will dominate, IM spam will rear its head, rogue security software vendors will up their game, fraud targeted at social networking apps will grow, new CAPTCHA bypass techniques will emerge... to name a few.

That’s the bad news. The good news is that with a bit of preparation and the right security solutions in place, we can continue to outsmart the bad guys.
So without further ado, I present to you...

riva11 | 02 Oct 2009 | 2 comments

I read an interesting article on PC Authority, "Fake Antivirus: 5 software titles you should definitely NOT install". It has a good description of the dangerous attacks by rogue security products.

Here is the Top 5 list of rogue security software titles to avoid (extract from "Fake Antivirus: 5 software titles you should definitely NOT install"):

1) SpySheriff

How it works: This piece of malware does its best work by informing computers of false threats to their system. It's mostly found via web typos (Toggle) and via infected software downloaded over P2P networks.

Threat value: SpySheriff is extremely difficult to...

neil_rogers | 17 Sep 2009 | 2 comments

Everyone knows USB drives are a huge chance for losing data. I found a way to make that worse.
I bought a USB drive for my wife to use on her personal laptop. We all carry at least one of these. Her drive stopped being recognized, let alone working on the system.

Since it had only been used 3 times, I wanted the manufacturer to replace it under warranty. They offered to exchange it only if I sent it back with the drive intact. I was shocked that they required me to send it back. They had a fax number to which, if I was with the government, I could send a request on the letterhead of such an organization asking not to send the drive, and they would exempt it.

So a new drive costs $60-$150 depending on size. Having personal, let alone any corporate, data on the drive and it falls into the wrong hands, which if it is being sent in a box that says what company makes the drive or is addressed to the company, it would be easy for someone...

Satyam Pujari | 17 Sep 2009 | 7 comments

It has always been observed that the autoplay/autorun feature of the MS Windows OS is one of the most preferred choices for malware propagation. We've witnessed some devastating examples of malware which used this feature effectively to replicate and convert a single machine infection into a malware outbreak within the first few hours. Conficker, a.k.a. W32.Downadup, is the most recent example of such malware. But this is not at all a new method of infection; rather, it has been around for decades. Some more popular examples are Trojan.Brisv.A!inf, W32.Gammima and many more in the long list.

Many other AV vendors detect autorun.inf but Symantec does not. Many people take it the wrong way, but there's a valid reason behind Symantec's decision not to detect autorun.inf.

Aniket Amdekar | 14 Sep 2009 | 0 comments

The Symantec ThreatCon rating is a measurement of the global threat exposure, delivered as part of Symantec DeepSight Threat Management System.

We always see the ThreatCon level indicator on the website as well as in the Endpoint Protection Manager.

Following is the description for each one of the levels:

Threatcon Level 1

Low: Basic network posture
This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.


Abhishek Pradhan | 23 Aug 2009 | 1 comment

When it comes to fighting malware, you may be asking as a security professional, “Why would I need to perform malware analysis? I don’t work for an anti-virus vendor.” If you are responsible for the security of a network, at some point in your career you will most likely have to perform malware analysis.

The goal of malware analysis is to gain an understanding of how a specific piece of malware functions so that defenses can be built to protect an organization’s network. There are two key questions that must be answered. The first: how did this machine become infected with this piece of malware? The second: what exactly does this malware do? After determining the specific type of malware, you will have to determine which question is more critical to your situation.

Types of Malware Analysis

There are two types of malware...

riva11 | 15 Aug 2009 | 1 comment

There are several discussions about phishing and socially engineered malware attacks. I found an article that helps to understand how browsers are ready to detect these attacks.
Take a look at the report published by NSS Labs, "Q3 2009 Phishing Test Report". This report examines the ability to protect users across the following browsers:

  • Apple Safari v4
  • Google Chrome 2
  • Microsoft Internet Explorer v8
  • Mozilla Firefox v3
  • Opera 10 Beta

Extract from NSS Labs Blog:
Socially engineered malware is the most common and impactful threat on the Internet today, with browser protection averaging between 1% and 81%. Internet Explorer 8 caught 81% of the socially engineered...