Security Community Blog
SebastianZ | 27 Jan 2014 | 1 comment

Fortinet’s FortiGuard Labs has published a very interesting whitepaper about the 10-year anniversary of mobile malware. According to the study, mobile malware is evolving quite rapidly - in 2013 alone, FortiGuard researchers saw more than 1300 new malicious applications per day, with up to 400.000 malicious applications in total.

The whitepaper goes back to 2004 and the first mobile worm - Cabir (infecting Nokia phones) - and runs up to 2013 and the arrival of the first ransomware for Android devices - FakeDefend.

Reference:
The World’s First Mobile Malware Celebrates its 10th Birthday
http://www.fortinet.com/resource_center/whitepapers/10th-anniversary-of-first-mobile-malware.html

...

SebastianZ | 27 Jan 2014 | 0 comments

Spoofed websites for popular social apps have been observed for some time now - recent reports from Malwarebytes show that one of the most popular mobile apps - WhatsApp - has been targeted recently as well.

The particular site in question was aimed at Russian speakers and offered an app download for a broad scope of mobile devices - iOS, Android, Windows Phone and BlackBerry. The site resembled the legitimate website quite a bit, with a lot of code scrambled from the official website. Unsuspecting users downloading the application would get infected by a variant of an Android SMS Trojan that, once installed, would start sending text messages to premium rate numbers.

Reference:

Spoofed Whatsapp site delivers polymorphic SMS Trojan
http://www.net-security.org/malware_news.php?id=2687...

The Conquistador | 24 Jan 2014 | 1 comment

Here is how I corrected this

Baseline Filtering Engine service issue.

Good day everyone, here are the steps that worked for me with the BFE issue.

Error Code 0x80070424 with Windows Firewall and "Base Filtering Engine Service" Not available in services database list.

danma_

26 Dec 2011 11:44 PM

...

Brandon Noble | 23 Jan 2014 | 2 comments

Recently we have seen a re-emergence of polymorphic file infectors, AKA viruses.

Threats like W32.Sality and W32.Xpiro are using some old-school tactics to infect good files and spread through networks. As the former captain of my high school analogy team, I’m writing this informal blog to help de-mystify some of the difficulties around dealing with these kinds of threats.

If we think of our normal run-of-the-mill Trojans and worms like a specific kind of fruit, it helps a little bit. Let’s say we need to create detection for an apple…That’s pretty simple right? We look for common traits that the apple has with other apples of the same kind. Something like this:
IF fruit AND red skin AND white flesh AND black seeds>detect W32.Apple!red
So now we can detect Galas,...

Philip Routley | 22 Jan 2014 | 0 comments

You need to think global in the 21st century. But sometimes it’s vital to keep a local perspective too. Take internet security. Many threats have a worldwide character but, in every country, consumers and businesses also face specific dangers every time they go online with their laptops, tablets, smartphones or desktops.

And it’s the threats that have been carefully crafted to exploit local trends and behaviours that are often the most plausible and destructive – and most likely to leave you counting the cost in terms of financial loss, stolen data, identity theft, disruption and inconvenience.

Korea is a prime example of what this means in practice. It’s a magnet for cybercriminals based both inside and outside the country, attracted by Korea’s affluence and its well-earned reputation as one of the world’s leading ‘online nations’. In this, the first country to reach 100% WiFi penetration, where 30 million people own smartphones and over 90% of homes have high-speed...

riva11 | 21 Jan 2014 | 0 comments

SplashData has compiled a list of the 25 worst passwords of 2013.  This list is from files containing stolen passwords posted online during the previous year.

This year's list is heavily influenced by the large number of Adobe user passwords posted online following the company's 2013 security breach.

"Seeing passwords like 'adobe123' and 'photoshop' on this list offers a good reminder not to base your password on the name of the website or application you are accessing," says Morgan Slain, CEO of SplashData.

SplashData's list of frequently used passwords shows that many people continue to put themselves at risk by using weak, easily guessable passwords. Some other passwords in the Top Ten include "qwerty," "abc123," "111111," and "iloveyou."

"Another interesting aspect of this year's list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies," Slain...

DomSYMC | 20 Jan 2014 | 0 comments

The Vulnerability Assessment (VA) scan is a service that each week scans for common entry points on the domain you enrolled with the purchase of certain SSL certificates.

If the scan finds any potential weakness within that domain that, if breached, could threaten your online security, an e-mail will be sent out informing the technical contact to pick up the results of the scan in a downloadable PDF report highlighting the most critical vulnerabilities, if any are found.

The Vulnerability Assessment scan is a service that is available for the following account types and products:

[Image: VA scan products]

You may have lots of questions, or may want to know more about the technicalities of the Vulnerability Assessment scan, such as:

  • What IP address does it scan from?
  • What types of...
Jeannie Warner | 20 Jan 2014 | 0 comments

Are you passionate about security? Love solving difficult problems? Want to work with a wide variety of technologies and platforms? Come work with Symantec! Security Analysts in Symantec's Managed Security Services work on a world class team to identify threats within client environments, in order to keep clients secure. This includes real time review of security incidents, analysis of logs and alerts, and escalation to the client for severe incidents.

The full job description is below:

Responsibilities

  • Monitoring and analyzing logs and alerts from a variety of different technologies (IDS/IPS, Firewall, Proxies, Anti-Virus, etc…), across multiple platforms.
  • Assessing the security impact of security alerts and traffic anomalies on customer networks.
  • ...

Jesper_Mathiasson | 17 Jan 2014 | 0 comments
There are too many service requests that are handled manually and spread across multiple systems, that are repeatable and that use several approval steps. That makes service delivery both time consuming and cost inefficient.

Zitac SEP Process Automation creates the right possibilities to make SEP administration more efficient and improve the end user experience without affecting security. Zitac has today created a number of predefined automated processes that can easily be integrated in your environment, with a focus on:
 
  • Secure delegation of the SEP administration based on user or group specific needs
    - Firewall policies
    - Situation based policies. For example to allow USB connected storage devices
  • Manage Virus outbreaks by predefined automated processes
    - SMS alerts
     
  • SEP Group administration
    - In...
Symantec Corp. | 16 Jan 2014 | 3 comments

Gartner Inc. has once again positioned Symantec as a Leader in the Magic Quadrant for Endpoint Protection Platforms (EPP) – a position Symantec has held for a 12-year span.¹ We believe this leadership position in the 2014 Magic Quadrant report, published January 8th, 2014, and Symantec’s recent positive vendor rating by Gartner² are indications of a strong product offering that performs well in detection, protection and performance.

According to the new Magic Quadrant report, which positions vendors based on their ability to execute and completeness of vision, “protection from common malware, as well as more advanced persistent threats, is the top critical consideration for EPP buyers.” The report further states that the rise of targeted attacks is “shredding what is left of the anti-malware markets stubborn insistence in reactive protection techniques,” and highlights the need for EPP solutions to...