A while back we took a look at how securityalerting was being done across the industry and noticed that there wasplenty of room for improvement. We started out with our own ThreatCon.It was easy to see that it wasn’t very effective for helping lesstech-savvy consumers to protect themselves online. On the humorousside, we did a little survey on customer perception and effectivenessof the ThreatCon and one of the respondents thought it was related tosomething on StarTrek. Ouch! The feedback we got gave us a clearpicture of where to begin our journey to improve our alerting systems.
We began the overhaul of our security alerting systems early last spring by introducing the Internet Threat Meter(ITM) for...
We recently hit a big milestone here at Symantec Security Response:30 VB100 awards in a row! This means that for every VB100 test forwhich we have submitted a product, we’ve detected all the threats onthe latest WildList without missing a threat and without triggering afalse positive on a clean file. For a little perspective, this streakstretches all the way back to the last century (OK, 1999) with theNovember 1999 VB100 test for Windows 98. We think this a prettyremarkable achievement in consistency and reliability.
There were a couple other notable items in the latest test, not theleast of which was that it was the first VB100 that covered Microsoft’snew Vista operating system. We were one of several security companieswho notched a win on the inaugural Vista VB100, but there were a few ofus who didn’t quite make the cut.Note that malware on...
We’re happy to report that so far today, Peacomm and Mixor.Qactivity is lighter than the maelstrom of activity we’ve seen inprevious days. We’ve noted no new spam runs today, with the malwaresubmissions and activity levels tapering off a bit as well. Phew! OurSecurity Response team in Pune, India, has pulled together a slickFlash-based run through of the attack, which can be viewed using thefollowing URL: http://www.symantec.com/content/en/us/home_homeoffice/media/flash/peacomm.html
Just a little more info on this threat you may have not heardbefore—it is communicating over peer-to-peer using the Overnet protocoland network (of eDonkey fame). After connecting to the network, thethreat then searches for some particular hashes (searches are done byhash, not by specific filename) and eventually it receives a reply thatincludes some 'meta tag' information. The meta...
Read ‘em and weep. Doesn’t matter what it is, how much you spent onit, or what you’ve done it implement it, its outlook is about as goodas the Cleveland Browns’ Super Bowl chances. Got your attention? That’sthe idea. This type of apocalyptic proclamation has been alive and wellin information security over the past few years and never ceases to getits share of eyeballs and chatter. Gartner fired a shot across the bowa while back with the “IDS is dead” statement and similar things arenow being said about antivirus. The siren call of these alarmiststatements has proven irresistible, but I’ll offer that while they makefor catchy headlines, they obscure a more complex, but much moreaccurate reality. In this spirit, I’ll offer up a couple of alternateheadlines that are a lot less captivating, but also do a better...
Since the early days of e-commerce,businesses have recognized the potential for the Internet to streamlinehow they interact with their customers. Oftentimes this meantdiminishing or eliminating the role of the businesses that were sittingin the middle, brokering the brick and mortar transaction. Goingstraight to the customer with a snazzy online store or auction Web sitecut these middle players (and their costs) out of the mix. This allowedthe business to take back profit margin, offer lower costs, andincrease transaction volume.
The benefits of gettingcloser to the customer haven’t been lost on those who peddle misleadingapplications. Misleading applications are programs that intentionallymisrepresent the security status of a computer by working to convincethe user that he or she must remove risks (usually nonexistent or fake)from the computer. The application will hold the user hostage byrefusing to allow him or her to remove or fix the phantom...
