Video Screencast Help
Search Video Help Close Back
to help
Not able to make it to Vision this year? Get a sampling in the Best of Vision on Demand group.

Security Community Blog

Showing posts tagged with Security Risks remove filter
Slides and Notes from the South Florida Security & Compliance User Group Meeting -1/28/10
rcarela | 01 Feb 2010 | 0 comments

The South Florida Security & Compliance User Group Board of Directors would like to thank everyone who attended the meeting at the Citrix Building on January 28, 2010.  Here attached are the powerpoint presentations that took place.  If anyone would like to present or host a future meeting please let us know.  Please spread the word about our group!  If our group continues to grow so will our experience and knowledge.

The Powerpoint presentation file

  • BE12_VCB is titled : Symantec Backup Exec 12.5 VMware - Virtual Consolidate Backup 
  • SIMs is titled: Security Information Managers [SIM/SIEM]

More to come in the near future please continue to benefit from using our resources at Symantec.

Read more
does norton anti 2008 stop autorun?
jumbosafari | 22 Jan 2010 | 2 comments

A question.
does norton antivirus 2008 stop autoruns viruses on external media before they actually run?
i get the notification from norton in the taskbar but my fear is the virus has already executed then norton notifies me.
i can be wrong, maybe norton stops the autorun virus from executing and then notifies me.
any help would be great. thanks.

Read more
流氓安全软件之SecurityToolFraud (二)行为
Livian Ge | 18 Jan 2010 | 0 comments
        最近这段时间里,流氓安全软件家族中又出现了新的成员,SecurityToolFraud

                   5_SecurityToolFraud.jpg

 
        数据表明,在最近的一个月的时间里,平均每天有至少十万台机器中招SecurityToolFraud。
 
        在测试过程中,我们发现,为了诱使用户付费,SecurityToolFraud会严重影响电脑的正常操作:
 
         a.       每次在用户登录后,SecurityToolFraud会主动运行所谓的扫描,然后提示系统中毒,需要激活产品进行清除。

                  ...

Read more
RE: SMS Subscription Via Fake IQ Test
fulldecent | 02 Jan 2010 | 0 comments

I don't see how to reply with a comment. Instead I am posting in reply to 
SMS Subscription Via Fake IQ Test

I have added details about an exploit for iq tests with SMS payments at
http://privacylog.blogspot.com/2009/01/security-ho...
 

Read more
The Worst is Yet to Come: Symantec’s 2010 Security Predictions
MarissaVicario | 17 Nov 2009 | 0 comments

Posted on behalf of Paul Wood

This week I had the pleasure of sitting on a panel with some of the best and the brightest among my Symantec colleagues to reflect on 2009’s threat landscape and what we anticipate for the year ahead.

We concur that what we’ve seen this year was ugly. Botnets prevailed and took over as a primary means of spamming and spreading malware and social engineering attacks became more sophisticated. But what we also know is that this year pales in comparison to what 2010 is expected to bring: fast flux botnets will dominate, IM spam will rear its head, rogue security software vendors will up their game, fraud targeted at social networking apps will grow, new CAPTCHA bypass techniques will emerge... to name a few.

That’s the bad news. The good news is that with a bit of preparation and the right security solutions in place, we can continue to outsmart the bad guys.
So without further ado, I present to you...

Read more
Article: 5 software titles you should definitely NOT install
riva11 | 02 Oct 2009 | 2 comments

I read an interesting article on PC Authority " Fake Antivirus: 5 software titles you should definitely NOT install ", there is a good description about the dangerous attacks by rogue security products.

Follows the Top 5 list of rogue security software titles to avoid (extract from Fake Antivirus: 5 software titles you should definitely NOT install ) :

1) SpySherrif

How it works:  This piece of malware does it best work by informing computers of false threats to their system. It's mostly found via web typo's (Toggle) and via infected software downloaded over P2P networks.

Threat value:  SpySherrif is extremely difficult to remove by traditional security...

Read more
USB Drives and data loss - Attention IT Security
neil_rogers | 17 Sep 2009 | 2 comments

Everyone knows USB drives are a huge chance for losing data.  I found a way to make that worse.
 
I bought a USB drive for my wife to use on her personal laptop.  We all carry at least one of these.  Her drive stopped be recognized, let alone work on the system. 

Since it had only been used 3 times, i wanted the manufacturer to replace it under warranty.  They offered to exchange it only if i send it back with drive intact.  I was shocked that they required me to send it back.  They had a fax number that if i was with the government and can send letterhead of such an organization asking to not send the drive, and they will exempt it.

So a new drive cost $60-$150 depending on size.  Having personal, let alone any corporate data on the drive and it falls into the wrong hands, which if it is being sent in a box that says what company makes the drive or is addressed to the company, it would be easy for someone...

Read more
KB 971029 - A good step towards malware propagation prevention.
Satyam Pujari | 17 Sep 2009 | 7 comments

It has always been observed that autoplay/autorun feature of MS windows OS is one of the most preffered selection of malware propagation.We've witnessed some devastating examples of malware which used this feature effectively to replicate and converting a single machine infection to a malware outbreak with in first few hours.Conficker a.k.a W32.downadup is the most recent example of such malware.But this is not at all a new method of infection,rather this method of infection is there since decades.Some more popular examples are Trojan.Brisv.A!inf,W32.Gammima and many more in the long list.

Many other AV vendors detect autorun.inf but Symantec does not.Many people take it in a wrong way but there's a valid reason behind this decision that why Symantec does not detect autorun.inf.
 
Read more
Meaning of the ThreatCon levels
Aniket Amdekar | 14 Sep 2009 | 0 comments

The Symantec ThreatCon rating is a measurement of the global threat exposure, delivered as part of Symantec DeepSight Threat Management System.

We always see the Threatcon level indicator on the Symantec.com website as well as the Endpoint Protection Manager.

Following is the description for each one of the levels:

Threatcon Level 1

ThreatCon Level 1

Low : Basic network posture
This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms...
Read more
A peek @ Malware Analysis
Abhishek Pradhan | 23 Aug 2009 | 1 comment
 
When it comes to fighting malware, you may be asking as a security professional, “Why would I need to perform malware analysis? I don’t work for an anti-virus vendor.” If you are responsible for the security of a network, at some point in your career you will most likely have to perform malware analysis.
 
The goal of malware analysis is to gain an understanding of how a specific piece of malware functions so that defenses can be built to protect an organization’s network. There are two key questions that must be answered. The first: how did this machine become infected with this piece of malware? The second: what exactly does this malware do? After determining the specific type of malware, you will have to determine which question is more critical to your situation.
 
Types of Malware Analysis
 
There are two types of malware...
Read more

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
269,999