Security Response: Showing posts tagged with Security

The evolution of a phishing attack is quite straightforward. At first, the fraudsters compromise a vulnerable server and deploy a package called a "phishing kit," which contains a clone application of the targeted institution. Then, mass mailing activities, with the aim of reaching a large number of recipients, are accomplished. Finally, the fraudsters use social engineering techniques to entice victims to submit their credentials, from which the fraudsters attempt to derive valid credentials. This will only happen if the fraudsters are able to convince users that they should trust the phishing website, or at least be tricked into believing it is a legitimate site and not raise any suspicion. Of course, this is not always a painless task.

Symantec has carried out several forensics analyses in order to evaluate the distribution of phished users over the different phases described above. Specifically, I want to focus my attention on the portion of users submitting...

Modern SQL databases are flexible, efficient, and can run commands at an OS level easily-a perfect target from a malicious code perspective! Our honeypot servers are full of worms that spread by email, IM, file-sharing, or network vulnerabilities, so finding a Trojan that targets SQL databases is always an unusual surprise for a virus researcher.

Some of you may remember the W32.SQLExp.Worm back in 2003—it was a bad worm that tried to exploit a vulnerability in SQL servers in order to spread. Similar threats exist, such as Hacktool.SQLck and various security assessment tools like SQL Ninja.

This time we have found a new SQL threat:...

Myth #6: Backing up Virtual Machines Require Multiple Point Products

Just in time for VMworld this week, I'd like to debunk one last myth around data protection-the myth that virtual machines automatically require an additional set of tools to properly protect them. The move to virtual environments and all of the benefits they afford has been widely addressed. However, a recent Symantec survey found that of all the customers planning a move to virtual environments, over 65% were re-examining their data protection strategy.

Sounds like increased complexity, doesn't it? Isn't the potential for less complexity one of the major value propositions of moving to a virtual server infrastructure? We think that with the right strategy, IT groups can implement a data protection strategy...

Myth 4:  Granular Level Recovery Takes Too Long  

In Myth #2 we talked about granular recovery as a main driver for implementing disk into the backup infrastructure and a good way to help IT meet today’s RPOs and RTOs. As I mentioned, granular level recovery is one technology that enables IT to meet those RTOs and RPOs. However, I didn’t talk about some of the perceived challenges of granular level recovery, so I’d like to debunk the myth that it takes too long to restore data at this level.

Advanced granular recovery technology enables businesses to quickly restore individual emails, files, or documents from one backup pass, saving significant time and money.  Up until now, backup and recovery procedures have been arduous, requiring multiple agents and multiple backups. For...

Myth 3: Upgrading to a New Data Protection Solution is Painful and Expensive

In part three of our series on data protection myths, I thought we could take a look at the dreaded upgrade. Upgrading your data protection software is generally perceived as a painful process among the IT crowd. At the same time, that crowd is seeing the need to upgrade. Gartner research from July 2008 proved this. In a survey of 70 IT managers, 66% of respondents said they were planning major redesigns of backup and recovery systems within 12 months, according to analyst Alan Dayley. That is a lot of frustrated IT managers.

Fortunately, we think this is yet another data protection myth. While the process might seem daunting, in actuality, upgrading to the right solution will eliminate headaches in the long run. Today's data protection technology will save time and...

I’ve spent the last couple of weeks travelling through Latin America (Mexico, Brazil, and Argentina) and the one commonality between my experiences in each of these three countries is that I don’t speak the local language in any of them. In high school, I studied French, not Spanish, and Portuguese wasn’t even taught. So, at restaurants I can never read the menu and I usually attempt, in very broken Spanish, to ask the waiter for a recommendation (“Que es bueno?”). Then he says something and I nod enthusiastically and smile.
 
The process reminds me a bit of what backup administrators face when they are trying to figure out how to back up their VMware environments. There are many ways to do it and often they don't know which is best. The easy and obvious way is to run a backup client from inside each virtual machine. In some cases that works fine, but in other cases, all the backups running simultaneously overloads the physical server (the challenges of sharing I/O and...

Myth 1 – Data Protection Solutions Do Not Scale with my Business

Plenty has been said about the challenges that exist today for IT and data center managers. I will spare you the typical descriptions about the increase in mission-critical data, plain old exploding volumes of data, and data distributed across a dispersed workforce. We’re all well aware of these issues.

Let’s talk about the good news. There is a tremendous about of innovation in data protection technologies today. Take a second to think about everything you’ve heard about granular recovery, data deduplication, cloud-based storage, SaaS, innovative data protection technology for virtual environments, and continuous data protection. These are all technologies that can be applied to solve specific challenges in the context of a larger data protection platform, and IT folks are beginning to catch on to most of them. However, this innovation has come with quite a few...