Security Response
Showing posts tagged with Security Risks
Showing posts in English
Peter Ferrie | 27 Dec 2007 08:00:00 GMT | 0 comments

There should be no question anymore that the VX scene is dying.

On the 29A forum there was a post that roy g biv has officially left the 29A group. Given that Vallez has been silent for over a year, it seems clear that the 29A group is really dead now. We wish the boys luck in whatever legal pursuits that they find now.

On the EOF and DoomRiderz fora, we can read that neither group has enough material for a new zine. On the rRlf site there's a message that the same thing has happened to them. EOF and DoomRiderz already announced their intention to produce a combined zine and now rRlf has announced that they will join in, too. Of course, if people are submitting the same thing to multiple groups in case one of them releases a zine, then even those three groups combined might not have enough material for a zine. In any case, it will probably not happen this year.

This brings us to another point - the supposed AV-VX "symbiotic relationship." It should be clear by now...

M.K. Low | 19 Dec 2007 08:00:00 GMT | 0 comments

There’s been a lot of coverage on the FBI Bot Roast II campaign where they released information about eight suspects who have been indicted for conducting criminal botnet activity. Bot herder suspects from across the United States have been linked to criminal activities such as DDoS attacks, conducting multi-million dollar phishing and spamming scams, and in particular stealing personal information that could lead to identity theft.

Thousands of pieces of personal information are sold and traded in underground economy servers found in Internet relay chat (IRC) rooms. When I look around the servers that we monitor, it reminds me of Causeway Bay at night in Hong Kong. Large advertisements bombard you with capital letters and carders repeat their sales pitches across multiple lines to attract people to their bargains. They list off their best deals and even offer cheaper prices if...

Kelly Conley | 14 Dec 2007 08:00:00 GMT | 0 comments


On the first day of Christmas
a spammer offered me –
a brand new shiny PC.

On the second day of Christmas
a spammer offered me –
a Rolex watch,
and a brand new shiny PC.

On the third day of Christmas
a spammer offered me –
cheesy business cards,
a Rolex watch,
and a brand new shiny PC.

On the fourth day of Christmas,
a spammer offered me –
H – D – TV,
cheesy business cards,
a Rolex watch,
and a brand new shiny PC

On the fifth day of Christmas
a spammer offered me –
Vi – a – grrrr – ra,
H – D – TV,
cheesy business cards,
a Rolex watch,
and a brand new shiny PC.

On the sixth day of Christmas,
a spammer offered me –
a pink iPod nano,
Vi – a – grrrr – ra,
H – D – TV,
cheesy business cards,
a Rolex watch,
and a brand new shiny PC.

On the...

Andrea Lelli | 06 Dec 2007 08:00:00 GMT | 0 comments

Given the choice when browsing, I would download and save an executable file rather than directly run it. Free will has always been a hot topic in philosophy and when it comes to Web browser security the topic suddenly gets hot as well! I was recently browsing a well known adware vendor Web site when I decided to download a game and try it. As usual I came across a normal download page:

Figure 1: The standard Web download interface

After clicking “continue” I was prompted with the usual “File Download” message box from Internet Explorer, but it actually took me a while to realize something was missing:

Figure 2: File download box missing the “Save” option

I could...

Brian Ewell | 29 Nov 2007 08:00:00 GMT | 0 comments

On November 29 the FBI announced the results of its second Bot Roast (see the FBI release). This is the FBI operation responsible for hunting out and attempting to bring to justice cyber criminals involved in cultivating botnets. These botnets, which can call home to millions of computers, are responsible for millions of dollars in financial losses at both a corporate and consumer level. The FBI operation has resulted in the successful capture, indictment, and/or sentencing of multiple criminals. In the long run it may be only a small slice of the world of botnets, but make no mistake, any gains in fighting this epidemic are well received. The FBI and those involved should be commended.

Of course, what's a blog entry without the standard "practice safe computing" comment: Insure your system is patched and protected as best as possible through the use of a security package. Anything we...

khaley | 26 Nov 2007 08:00:00 GMT | 0 comments

Last week, we talked about the year in review. And now, everyone wants to know what will happen next. Well, I don't claim to be a clairvoyant, but it’s safe to say that the following areas will be interesting to watch in the coming year:

o Election Campaigns – As political candidates increasingly turn to the Internet, it is important to understand the associated IT security risks of increased dependence and interdependence on technology in the election process. These risks include, among others, the diversion of online campaign donations; dissemination of misinformation; fraud; phishing; and the invasion of privacy.

o Bot Evolution – We expect bots to diversify and evolve in their behavior. For example, we may see things like phishing sites hosted by bot zombies.

o Advanced Web Threats – As...

khaley | 23 Nov 2007 08:00:00 GMT | 0 comments

It’s the time of year when we begin to look back and take stock of the events of the last twelve months. Newspapers and magazines will soon be publishing their list of top movies, records, and books. Symantec is publishing a top 10 list, too. While not as fun, in many cases this collection of security trends confirms the predicted evolution of cybercrime becoming more professional and commercial. Two words come to mind when I look at the list: "topical" and "trust." Attackers are exploiting current events and trusted brands to trick computer users in an effort to make money. And security companies like Symantec continue to block their efforts.

Here, in no particular order, are the top 10 Internet security trends of 2007:

1. Data Breaches – High-profile data breaches underscored the importance of data loss prevention technologies and strategies.

2. Vista Introduction – Microsoft Vista made its debut and quickly attackers found...

Con Mallon | 23 Nov 2007 08:00:00 GMT | 0 comments

While the scale of the data loss by the UK’s Revenue and Customs is indeed stunning, there is still no indication that the missing disks containing information from 25 million UK residents has actually fallen into unfriendly hands. However, this is now almost irrelevant as we in the security industry sit and wait for the first scam or phishing attack that plays on people’s doubts and fears.

For those unaware of this issue, on November 20th Her Majesty’s Revenue & Customs (HMRC - the UK's tax and excise agency) acknowledged that it had lost two computer disks containing large amounts of confidential information, including names, addresses, dates of birth, and in some cases bank account information. The missing disks — apparently lost while being transported — may include information on as many as 25 million individuals, including recipients of child benefits.

HMRC believe the disks are still within one of their sites, but after an exhaustive search, they have failed to...

Marc Fossi | 22 Nov 2007 08:00:00 GMT | 0 comments

Your hardware is well secured. You’ve got a good perimeter firewall in place that only allows communication on authorized ports, an IDS to scan for suspicious activity, WPA2 encryption set on wireless devices, and so on. Your software is secure as well. Patches up to date, good password policy enforcement, etc.

So where is the weak point in your network? I think there’s a common expression used to describe it – the problem exists between keyboard and chair.

Lately, more attacks have relied upon social engineering to infect users rather than automated exploitation of vulnerabilities in network services. Social engineering is nothing new, but the sophistication of some of these attacks has been increasing. Three prime examples of this come to mind.

Earlier this year, there was a large-scale attack using the MPack kit in which a large...

M.K. Low | 21 Nov 2007 08:00:00 GMT | 0 comments

When I logged into my online banking Web site last week, the login screen was different than what I was used to. My first reaction was that I had been hacked and the site was a spoof (a consequence of working in this field). Once I realized that it was in fact the genuine login screen, I proceeded to enroll in the bank’s newly enhanced sign-in security.

The concept is pretty easy; banks realize that card numbers and PINs are not enough to verify someone’s identity so they have added extra layers of security. To set up the enhanced login process, users are asked to pick an image and to type in a phrase. For example, a user could select the image of a green apple and the phrase “The fox is in the hen house.” These will be displayed to the user whenever they enter their bank card number so that they can verify the legitimacy of the site. Users are then asked to select three pre-determined questions and enter the answers. If the user logs into their online banking from a computer that...