Security Response
Showing posts tagged with Security Risks
Joseph Blackbird | 06 Nov 2006 08:00:00 GMT | 0 comments

Well, it’s now November and time to start thinking about buying presents for the holiday season. In the last few years, one of the most popular choices for presents has been one of the many different MP3 players on the market. Two incidents occurred in October that may make you think twice before connecting that new player to your computer. Reports surfaced that a small number of Apple’s Video iPods were infected with the Rajump virus. The virus was traced back to a Windows-based computer that was used to test the devices during the manufacturing process. Additionally, some of the MP3 players given away as part of a promotion by McDonald’s in Japan were infected with a virus. Any new device that you connect to your computer should always be scanned with an up-to-date antivirus product before you allow it to synchronize any files.

Also in October, there were a couple of...

Al Hartmann | 01 Nov 2006 08:00:00 GMT | 0 comments

This Weblog and the blogosphere in general have been abuzz with controversy over Microsoft PatchGuard and issues dealing with appropriate kernel security instrumentation. This blog entry is the first of a two-part series. It provides an excerpt of a draft posting that proposes an abstract host security metasystem and laws of host security that attempt to raise the level of discourse above specific features and implementations. This blog entry will outline the sensor and effector instrumentation laws and the second blog entry, covering the security and policy component laws, will be published later this week. Symantec posted this draft to openly solicit constructive comments and helpful suggestions for draft refinements. The intent is to reach industry consensus on an architectural framework to guide designers of future host security subsystems and supporting instrumentation.


Josh Harriman | 23 Oct 2006 07:00:00 GMT | 0 comments

Privacy is a big concern when surfing the Internet. One major application has attempted to make Internet activities somewhat anonymous. “Tor” is an anonymous Internet communication system that allows users to surf the Web, send email, and use IM; all the while attempting to avoid network surveillance, traffic analysis, and state security. Tor users’ IP addresses (a computer’s basic identity) and exact locations are kept secret as the users read important stories on the Web, send their grandmother an email, or chat with their new best friend.

Unfortunately, Tor also opens up other avenues of attack and one must be aware of the risk, in return for the benefit of being partly anonymous. The way Tor works is that packets sent from your computer actually go to someone else’s computer, then to someone else’s computer, and so on. Eventually, your data reaches what is known as an...

Patrick Fitzgerald | 20 Oct 2006 07:00:00 GMT | 0 comments

Many of the new threats seen today aren’t advancements in their own right; rather, they just take advantage of advancements in technology. For example, VBScript enables programs to be written quickly, but also makes writing malware extremely easy. Remember VBS.LoveLetter, also known as the “I-Love-You” worm? This was a mass-mailing worm that ultimately ended up causing millions of dollars worth of damage because of crashed servers, not to mention the punitive damages caused by files being overwritten. While VBScripts gave administrators the ability to perform more robust tasks via scripting, developers need to be aware of the possible detrimental effects of these new technologies. For example, after VBS worms became widespread, Microsoft forced user consent before a script could harness Microsoft Outlook to send itself, thereby neutering that attack vector.

Another seemingly innocuous feature has been extremely useful to some malware writers. The advent of NTFS brought with it the...

Sarah Gordon | 20 Oct 2006 07:00:00 GMT | 0 comments


It's been a week since I finished my VB talk (almost on time). While I didn't get to the part of the talk exploring computer games and fun videos and their relevance to teaching people about security (and computer skills in general, and life skills, too!), I did get some interesting feedback from some of the delegates. The one thing I've heard most consistently is that the ideas my talk put forth apply to technical people, as well as not-quite-so-technical people. My first reaction was—“wow”. I was hoping it would eventually get around to this. One purpose of the paper was to initiate bridge building between different mindsets. The fact that I was able to get this across in the first segment of this research is just, well, unexpected.

People seemed to really be...

Marc Fossi | 16 Oct 2006 07:00:00 GMT | 0 comments

As regular readers of this blog site will be aware, I attended the Virus Bulletin 2006 conference in Montreal, Quebec last week. On my flight home to Calgary (aboard a major Canadian carrier) they had something new for me. On the back of each seat there was a touch-screen display for people to watch movies, television, and so on. Ok, so this may not be anything new (I probably just don’t get out enough) or all that interesting at first glance. However, a couple of things relevant to computer security struck me about these screens.

Almost right after looking at the screen for the first time, my eyes were drawn to a socket just to the left of it—a USB port. There weren’t any keyboards distributed during the flight, but I suspect the ports are there for a future video game option (when I tried selecting this option on the touch screen, I was greeted with a “This feature is currently unavailable” message). Now, there’s also a distinct possibility that the operating system behind these...

Peter Ferrie | 12 Oct 2006 07:00:00 GMT | 0 comments

Some time ago, the author of W32.Gatt had posted a comment on his Web site that said he read my blog entry about this particular virus. From there on in he assumes that we visit his page often. In fact, we have no need for it—customers are doing that for us.

We receive samples almost as soon as they appear on any Web site, anywhere in the world, and we are notified about curious comments like that one. To quote the virus author's entry: "Interpretation without a context of information." Well, exactly. Interestingly, while the author claims that Symantec was wrong about why the source was not released, he does not tell us why the source wasn’t released. It must be quite sensitive, maybe even better than my reason, but until we know, I'll stick with my reason.


Sarah Gordon | 11 Oct 2006 07:00:00 GMT | 0 comments


Monday was a holiday in the United States, but since I’m in Canada I took advantage of that fact in order to not take the day off. My boss should like that. :) Instead, I created some more slides for my upcoming VB presentation; but, I didn’t have a very easy time of it. Some people are naturals at putting together presentations—complete with nice graphics, easy-to-read charts, and a minimum of animation. I’m not one of them. Not only do I fight (and I’m finally winning, I might add) the animation daemon that seems to want to add flying horses and spinning circles of yellow and black to each slide, I am dyslexic and I suffer from more than moderate dyscalculia, making charts more than a small challenge.

I think...

Sarah Gordon | 10 Oct 2006 07:00:00 GMT | 0 comments


I landed in Montreal on Sunday morning and immediately began sorting out pictures of my dogs (!) so I could put the finishing touches on my Virus Bulletin presentation. “Everything I Need to Know About Security I Learned from My Dog and a Country Western Song” is not your usual security paper title; in fact, the initial idea evolved as a tongue-in-cheek “what if” mental exercise. However, the more I thought about it, and the more people I talked to about it, the more I realized the idea was worth pursuing to the next level. Somewhere along the way it changed to “two dogs”, I submitted the abstract to Virus Bulletin, it was accepted, and the paper began to take shape.

Virus Bulletin is undoubtedly one of the best opportunities (globally...

Dave Cole | 10 Oct 2006 07:00:00 GMT | 0 comments


Read ‘em and weep. Doesn’t matter what it is, how much you spent on it, or what you’ve done to implement it, its outlook is about as good as the Cleveland Browns’ Super Bowl chances. Got your attention? That’s the idea. This type of apocalyptic proclamation has been alive and well in information security over the past few years and never ceases to get its share of eyeballs and chatter. Gartner fired a shot across the bow a while back with the “IDS is dead” statement and similar things are now being said about antivirus. The siren call of these alarmist statements has proven irresistible, but I’ll offer that while they make for catchy headlines, they obscure a more complex, but much more accurate reality. In this spirit, I’ll offer up a couple of alternate headlines that are a lot less captivating, but also do a better job of hitting the mark, in my eyes....