The Symantec Report on Rogue Security Software includes an in-depth analysis of the methods scammers use to distribute rogue security applications. This blog presents some of the highlights of the research into the distribution of these scams.
In the report, the following distribution and advertising trends were observed:
• Ninety-three percent of the top 50 most prevalent rogue security applications were distributed as intentional downloads. This means that victims are tricked into believing they are downloading legitimate security software and subsequently installing the rogue application.
• Seventy-six percent of the top 50 most prevalent rogue security applications were classified as unintentional downloads. This means that the software may be installed unintentionally through drive-by downloads or...
As part of the process of compiling the data for Symantec’s Internet Security Threat Report(ISTR), we discuss which metrics are critical to defining trends in thethreat landscape. We are constantly reassessing the validity of certainmetrics and looking for opportunities to create new metrics. Our datacollection capabilities have improved over the years with newacquisitions, new products, and new product features that allow us totrack different types of data. It is a great benefit that Symantec is acompany that has grown with the threat landscape. It is also a matterof internal policy with the ISTR team to rigorously question and debatethe relevance and validity of what we’re reporting on. I’d like to takethis opportunity to reflect a little bit on the process behind thecreation of one of the new metrics for this report – zero-dayvulnerabilities.
ISTR, Volume XI gave me an interesting research project – find thenumber of zero-day vulnerabilities. This seems...
Google hacking is a well-known phenomenon.It consists of using Google’s advanced operators to search forsensitive files or other security issues in content that Google hasindexed. Various techniques and examples have been developed to findsuch things as password files, web-cam management interfaces, etc.Ultimately, Google hacking has revealed data management issues thatcause sensitive information to be exposed to the public. This is stillan ongoing issue for many organizations.
Of course, Google’s advanced operators were initially intended formore benevolent purposes. I like to think of this as another form ofGoogle hacking. Searching Google without fine-tuning your search termsis like drinking from the fire hose. Many people never bother to learnthe advanced search operators that really let you nail down results.Therefore, I thought I would throw together some examples of how I usethe advanced operators every day to query SecurityFocus.
