Security Response
Showing posts tagged with IT Risk Management
Showing posts in English
Greg Ahmad | 18 Mar 2010 22:25:25 GMT

Over the past few years, targeted attacks against organizations have become increasingly common and have gained notoriety. One of the most well known of these attacks is the recent compromise of Google, Adobe, and many other companies as part of the Trojan.Hydraq or the “Operation Aurora” incident. This particular attack involved organized and well-resourced cyber criminals who used a zero-day memory-corruption exploit for Microsoft Internet Explorer as an attack vector to deliver a malicious payload, known by the name of Trojan.Hydraq. The attackers behind this operation targeted various organizations and sent messages using the spear phishing technique, which makes email messages look like they come from a trusted source, thereby increasing the chance of victims following links or opening attachments. Once the vulnerability was successfully exploited and the Hydraq malware...

khaley | 17 Mar 2010 16:21:15 GMT

People choose their passwords based on different factors: how easy they are to remember, how strong or complex they are, the sentimental value they have, etc. Symantec has developed a survey to show how you compare to others with your password considerations. The one to two minute survey can be found at Don’t worry, it doesn’t ask you for your passwords.  Some of you may have also noticed that this survey is not being run off the Symantec website—good catch. Our readers are clearly not the type to fall for a phishing attack. Don’t worry, we’ve checked it out, this link is safe to use. Give it a whirl; we’d love to see how we’re all doing as a group at keeping our sensitive accounts and information safe.

The fact is, hackers can get through any password if they’re given enough time. Your goal should be...

Alessandro Tatti | 17 Mar 2010 10:40:37 GMT

In 2005, the European Commission embarked on a new policy framework that embraced all aspects of the “information society.” This framework, called i2010 - A European information society for growth and employment, provides the broad policy guidelines for the information, communication, and audiovisual sectors in the years up to 2010.

One of the priorities of the EU's i2010 program is to focus on E-Health to boost innovation and jobs. The aim is to provide user-friendly and interoperable information systems for patients and health professionals across Europe. E-Health provides many benefits, such as making it easier for doctors to access patients’ medical records, gain immediate access to test results from the laboratory, and deliver prescriptions directly to pharmacists.

The electronic health...

Thomas Parsons | 19 Jan 2010 15:05:34 GMT

Symantec goes to great lengths to prevent false positives from occurring. Undoubtedly, false positives (FPs) are a concern for all vendors across the antivirus industry. However, with as large a user base as Symantec has, we need to set the bar very high. Symantec’s content is used on over 120 million devices around the world, so any software defects like a false positive have a much higher chance of being exposed than with a smaller user base.

Given the importance of false positives our quality assurance team is at the forefront of efforts to prevent them. With this in mind we’d like to make available recently completed research in this area. The research is entitled ‘A False Positive Prevention Framework for Non-Heuristic Anti-Virus Signatures’ and is in the form of a case study (based on Symantec). That sounds like a mouthful...

khaley | 06 Jan 2010 17:48:24 GMT

When I worked at a small business the IT guy also took care of the phone system, assembled bookcases if needed, and occasionally worked the front desk when the receptionist was on break. In a small business everyone wears many hats and you often don’t really have the skills necessary to do everything asked of you all that well. Or if you do, you probably don’t have the time.

But certainly small and medium businesses understand the importance of computer security and make sure they take all the steps necessary to protect their business from the potentially devastating losses of cybercrime! Well, that’s half right. According to a survey done last year by Symantec, SMBs know security is important but they are not taking proper steps to protect themselves. In fact, a stunning 33 percent of SMBs don’t even run basic antivirus software.

The SMBs surveyed said they don’t have the staffing, budget, or bandwidth to properly protect themselves. And...

Thomas Parsons | 10 Dec 2009 16:17:19 GMT

In quality assurance circles at Symantec it is often stated that clean data (e.g. files from clean software) are to false positives as malicious data are to true positives. In simple terms this means that clean data helps us prevent false positives in the same way that we can’t write antivirus signatures or antivirus technology if we don’t have malicious data.

At Symantec we go to serious lengths to generate, and also source, clean data to assist with our false-positive prevention efforts. With this in mind, over the past 12 months we piloted a “software white-listing program” that allows software developers and Independent Software Vendors (ISVs) the opportunity to proactively white-list their software with Symantec.  The good news is that, due to the success of the pilot program, we are ready to offer this program on a...

Henry Bell | 09 Dec 2009 23:10:48 GMT

Ahoy there ye landlubbers! The high seas of wireless security appear to have gone commercial with the introduction of a paid service that means it just got a whole lot easier for a casual attacker to break into your wireless network. Before going on to talk about how this attack vector can be used, though, we'll quickly cover off some terminology; Wi-Fi standards can be an acronym minefield.

Many moons ago—more than ten years ago, in fact—a move was made to devise a method of securing wireless networks that would provide a level of confidentiality equivalent to that of traditional wired networks. The name Wired Equivalent Privacy (WEP) was given to the system. Unfortunately flaws emerged and it turned out to be trivial to circumvent. WEP is still built in to most Wi-Fi products on the market, but security-wise it was blown out of the water long ago and as such its use is now heavily deprecated. Roll out the successors!

Wi-Fi Protected Access (WPA)...

khaley | 17 Nov 2009 20:13:47 GMT

Yes, it’s a cheap trick and not even close to original. But the lesson here is that even obvious social engineering tricks can get people to click on a link. We can’t help ourselves. We love to click. Clicking on links and attachments that are accompanied by just the slightest bit of social engineering appears to be a basic human need. I expect it to show up in a revision of Maslow’s Hierarchy of Human Needs any day now—behind love, but certainly ahead of safety.

I do have a point to all this. Two actually. As we compiled the Security Trends to Watch in 2010, what occurred to me is that the people who most needed to read this information never will. At least not without some social engineering on my part. And since social engineering plays such a prominent role in future trends, it seemed appropriate. So I’ve decided to use this little trick to get people to...

khaley | 17 Nov 2009 19:59:04 GMT

The Security Response team has compiled the top security trends of 2009. We pulled data from the Global Intelligence Network and the experiences of the thousands of analysts and security experts at Symantec to come up with the top trends for the year. While none of these trends will be a surprise to anyone even casually following the threat landscape, when compiled and summarized, it is clear that the breadth of security problems in the past year was pretty stunning.

For example:

•    Toolkits and threat recycling have made malware easier to create than ever
•    Polymorphic technology is being applied to make threats harder to catch
•    Botnets, large and small, are used as the foundation of attacks making most attacks complex
•    All major news events are used for social engineering
•    Major brands are being appropriated by cybercriminals...

khaley | 09 Nov 2009 22:08:08 GMT

One thing I see again and again in this job is that people usually don’t think about security until after they are hit with an incident. Companies create disaster recovery plans after the disaster. They come up with incident response teams after the incident. And consumers get antivirus software after they’ve had a virus infect their system.

People, here is a chance to turn that all around. We’ve seen several incidents of mobile phones being hacked. So far it’s been by old school hackers, those that are doing it just to prove that it can be done. But history shows us that the cyber criminals follow closely behind the old school hackers, and they will not be doing it for kicks—they’ll be doing it to rip you off.

Security professionals approach any situation like this by a risk assessment; in other words, they try to figure out what bad things could happen. Then they can hope for the best, but prepare for the worst. If...