Video Screencast Help
Search Video Help Close Back
to help

Security Response

Showing posts tagged with Security Risks
Showing posts in English
Spyware and Adware on Mobile Devices
Eric Chien | 17 May 2006 07:00:00 GMT | 0 comments

When we talk to customers about the future malware landscape, many often wonder when mobile device threats are going to arrive. They are surprised to learn that threats for mobile devices already exist, aren't just proof of concepts, and are actively spreading. Commwarrior, for example, infects Symbian Series 60 devices (for example, many Nokia smartphones) and has been reported worldwide. According to news reports, telephony companies have stated that Commwarrior has accounted for more than ten percent of all of their MMS traffic. Other telephony companies that Symantec has spoken to have specifically implemented filters to block Commwarrior at their gateways due to the amount of traffic it was generating.

While threats exist and are actively spreading, we are probably still years away from the situation we have with the Microsoft Windows operating system. We hope we can take a lesson from history and prevent such a situation, but some lessons seem to be...

Read more
The Importance of Using a Firewall for Threat Protection
Patrick Martin | 10 May 2006 07:00:00 GMT | 0 comments

People often ask me about the best way toconfigure their computer to protect against threats, such as worms andTrojan horses. They say they have installed antivirus protection andnever open unexpected email attachments. But they wonder if that isenough. Antivirus protection is certainly an important part of aneffective protection solution. It has the ability to detect knownthreats as well as many new ones via heuristic technologies. But thereis a second technology that can be added to help complete the picture:a firewall.

While antivirus software helps to protect thefile system against unwanted programs, a firewall helps to keepattackers or external threats from getting access to your system in thefirst place. Most people are aware that worms often travel throughemail. They generally arrive as an attachment to an email that the useris enticed to click on by the text of the email itself. We call thesethreats “mass-mailing worms.” The best thing to do with...

Read more
Microsoft Windows Vista Security: Always Be Prepared
Abdul Nabi | 03 May 2006 07:00:00 GMT | 0 comments

“Microsoft Windows Vista is the most secure and trustworthy Windows operating system yet.” This notion seems to be the foundation of the many media articles on the upcoming Windows Vista release that have been written over the past year or so. This tagline is probably a fairly accurate statement based on general testing of the Vista Community Technology Preview (CTP) distributions and on the functional security feature set provided in Vista, as specified by Microsoft. Windows Vista will likely be more secure out of the box than Windows 2003, XP, 2000, or NT were during their initial releases.

However accurate the above notion is, the technology industry pundits, editorialists, and “expert” analysts have managed to translate the aforementioned would-be truth about Vista into a more general statement. This statement is that Vista is a highly secured and hardened operating system that may well be impenetrable and impervious to attack, one that...

Read more
Spyware Resistant Web Authentication Using Virtual Machines
Zulfikar Ramzan | 02 May 2006 07:00:00 GMT | 0 comments

Collin Jackson, Dan Boneh, and John Mitchell of Stanford have developed a neat system, called Spyblock, for entering sensitive information into Web browsers so that it can’t be sniffed by spyware. Users browse the Web in a virtual machine (VM). However, sensitive information is only entered in secure environment (outside the VM, but typically on the user’s same machine) and injected into the outgoing data stream. A browser extension is used to facilitate the transactions between the secure and insecure environments.

Spyblock also includes a number of other features:

1) A “transaction confirmation” feature so a user can detect the presence of active malware (i.e., malware that tries to conduct malicious transactions surreptitiously by piggybacking on top of an existing user session).

2) Support for password authenticated key exchange (PAKE), which provides added security against dictionary attacks and also provides mutual authentication.

3) Support for...

Read more