Security Response
Showing posts tagged with Security Risks
Thomas Parsons | 25 Nov 2008 10:44:34 GMT | 0 comments

As part of our continuous false-positive prevention efforts for antivirus signatures at Symantec, we research different areas that may help us in our quest. One area of particular interest is the utilization of clean data to prevent the manifestation of antivirus signatures that cause false positive conditions. As a result of this work, earlier this year Bartek, Julie, Catherine, and I co-authored a paper entitled “Clean Data Profiling.” The paper was subsequently published at the Virus Bulletin 2008 Conference in Ottawa in October and is made available here courtesy of the same organization.

M.K. Low | 17 Nov 2008 15:16:26 GMT | 0 comments

A while back I came across an article about a website that tries to reunite lost photos with their owners. People who come across cameras, memory sticks, or photos are asked to upload a few of them onto the site with information such as location, date, or other specific details that may be recognizable by the owner. These photos are public to everyone on the Internet and the goal of the website is for people to browse through the pictures and to connect the photographer back to the photos.

While I can appreciate the spirit of the site, as a security person, I'm very skeptical about introducing a found memory stick or photo memory card into my computer. As noted in the ISTR XIII, memory sticks (or USB thumb flash drives) represent a serious security...

Elia Florio | 03 Oct 2008 18:38:15 GMT | 0 comments

Digging into our honeypots and spam-trap systems to look for malicious attachments is always an interesting exercise. We can identify different spam campaigns and map together malicious binaries by correlating attachments and filenames. Nevertheless, it's also funny to see how the bad guys are still trying to entice users to run executable attachments, pushing their creativity and social engineering skills to extreme levels. Invoices, contracts, delivery notices, and all types of tickets are travelling by mail every day, hitting millions of mailboxes; all in the hope that a few users, sooner or later, will be fooled by a perfectly orchestrated malicious e-mail (yes, it does still work, and old tricks are always the best).

Just for fun, I tried to create a picture of the breakdown of the most common malicious spam campaign observed on a set of emails...

Umesh Wanve | 03 Sep 2008 16:44:16 GMT | 0 comments

We have seen in recent times that malicious binaries are spreading through social engineering attack vectors like spam emails, phishing, and social networking sites. This time we have found that attackers have begun targeting free online service sites and our example is based on Google Notebook, although these attacks are not unique to this site. Attackers have started to use Google Notebook as a new social engineering attack vector to spread misleading applications. Misleading applications attempt to convince the user that he or she must remove potentially unwanted programs or security risks (usually nonexistent or fake) from the computer.

Google Notebook is a free online service that provides a way to save and share information in a single location. This free service offers a feature to save search results, notes, or images online and allow users to share these artifacts with others. Users can create notes with headings and within each note they can add more content,...

khaley | 15 Aug 2008 11:54:54 GMT | 0 comments

Security professionals understand the risks of social networks better than anyone. So, given the concerns they may have, do they actually use social networks? Earlier this year we surveyed 87 security administrators from companies in North America and Europe, from both large companies and small, in order to find out.

Our first discovery was that security administrators are not much different than anyone else: they do use social networks. In our survey, only 30% say they do not use social networks; however, they are cautious about them. They are concerned about the ability to separate work and private friends (60%). They want to make sure that "coworkers don't see my personal contacts." Some only use business-related sites. Or, as one security admin put it: "I never mix anything like serious work and my social network."

It is not surprising that the vast majority will refuse an invitation they receive on a social network (70%). Why do they refuse a...

Zulfikar Ramzan | 01 Aug 2008 16:37:51 GMT | 0 comments

With the Olympics right around the corner and being that we are in the heart of the summer, I’m sure many of you will find yourselves travelling quite extensively. Nowadays, it’s almost impossible to go cold turkey from the Internet. It’s equally impossible to find a place that doesn’t offer some ability to get you online – whether you’re in the heart of the Serengeti or even on a cruise ship in the middle of the Atlantic (I have actually seen Internet kiosks in both of these places!).

With that, we wanted to offer some tips to keep your online travels safe, even when you are away from home:

1. Don’t let your laptop or PDA sprout mysterious legs. Leaving your laptop out in the open in your hotel room can often prove irresistible to a thief. Many thieves are even known to scour popular vacation or conference spots looking for someone who leaves their laptop alone. I’d go as far as to say that it’s a good idea to...

Ben Nahorney | 18 Jul 2008 14:41:31 GMT | 0 comments

Tell me if this sounds like a familiar scenario. You’ve come up with a brilliant password – it’s strong, easy to remember, and you’ve finally mastered the finger gymnastics required to type it in quickly – only to find that the usage window, mandated by IT password policy, is up. So you come up with a new one, double it, add 32, and then subtract the letters from your mother’s maiden name. Only now IT requires you to include at least two punctuation characters, but that just throws the logic of your method right off.


Password creation is a constant dance between security and convenience, where good passwords that bridge the gap are hard to come by. On the one hand, strong passwords, changed on a regular basis, do reduce the likelihood of success for a wide range of attacks. On the other hand, if you make something too complex, you run the risk of forgetting it–somewhat ironic evidence of its security.


So, the ultimate question is, how do you come up...

Yazan Gable | 01 Jul 2008 17:19:04 GMT | 0 comments

Network processing units (NPUs) are likely the next biggest thing in computer networking. NPUs are computer processors specifically designed to handle network-related functions. These little processors are typically found on embedded systems, but recently there have been moves to bring them into the realm of personal computers (PCs). One notable example is a network card (called KillerNIC) that's designed to make gaming over the Internet faster. It's specifically designed to handle user datagram protocol (UDP) communications that are most often deployed in highly interactive computer games. Given that computer games were a large driver in video card technology, it is reasonable to assume that NPU network cards will become common in the near future.

But what are the security implications of deploying NPUs on PCs? Each network card would need to have embedded software to run it; so basically, your network...

M.K. Low | 23 Jun 2008 19:06:05 GMT | 0 comments

Recently, during her vacation to visit me, my sister forgot her cell phone and had to use her credit card in a pay phone to call me. Later that day, she tried to use the same credit card to check into her hotel and it was declined. After calling the credit card company, the man on the phone informed her that criminals often test stolen credit cards in pay phones to verify if they are still valid. Credit card companies know this and instantly put a hold on the card when this occurs.

Of course, this doesn't bode well for the criminal. They have checked if the card works and by doing so, it has been flagged and possibly deactivated. What is a criminal to do? What other methods can they use to verify the validity of the card and yet still be able to buy that limited edition R2D2 DVD projector after the process? In a previous...

Zulfikar Ramzan | 27 May 2008 21:09:26 GMT | 0 comments

In my most recent blog entry, I mentioned that Markus Jakobsson and I recently collaborated on a new book: “Crimeware: Understanding New Attacks and Defenses.” Network World is hosting a live chat session, and attendees will be eligible to win one of ten copies of the book.

To attend the chat, please go to: on Wednesday, May 28, 2008 from 2:00 – 3:00 PM Eastern.

We’ll be happy to answer any questions you have about the book or about crimeware and the threat landscape in general. I hope you’ll be able to join!
