
Security Response

David McKinney | 06 Apr 2011 | 0 comments

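Reading Symantec's Internet Security Threat Report Volume 16 (in English) gives you a picture of the trends in Internet security threats during 2010. It was certainly an interesting year, to say the least, with vulnerabilities behind major events such as the Trojan.Hydraq incident, the Stuxnet attacks, and a large number of zero-day attacks.

Here are some highlights:

- In terms of the sheer number of newly discovered threats, 2010 was a record year. At the time of writing, 6,253 vulnerabilities had been reported for the year.

- The surge in vulnerabilities was due to an increase in the number of new vendors affected by vulnerabilities in 2010. Symantec's research found 1,914 new vendors affected by vulnerabilities in 2010, compared with 734 new vendors in 2009.

- This also indicates that the total number of security researchers and vendors reporting vulnerabilities is growing.

- Among new vendors, cases of being affected by high-severity vulnerabilities are rising sharply. Symantec's research found that high-severity vulnerabilities affecting new vendors increased by 591 percent in 2010 compared with the previous year. One reason for this increase is that both security researchers and new vendors worked to identify high-severity vulnerabilities.

- "...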

David McKinney | 05 Apr 2011 | 0 comments

Volume 16 of the Symantec Internet Security Threat Report covers trends in the Internet security threat landscape during 2010. It has been an interesting year, to say the least. We saw vulnerabilities implicated in major events such as the Trojan.Hydraq Incident, the Stuxnet attacks, and numerous zero-day attacks.

Here are some highlights:

- In terms of the sheer number of new vulnerabilities discovered, 2010 was a record year. At the time of writing, we documented 6,253 new vulnerabilities over the year.

- The rise in vulnerabilities was influenced by an increase in the number of new vendors that were affected by vulnerabilities in 2010. In 2010, Symantec documented 1,914 new vendors that were impacted by vulnerabilities, compared to 734 new vendors in 2009.

- ...

David McKinney | 21 Apr 2010 | 0 comments

I am proud to announce the release of Volume 15 of the Symantec Global Internet Security Threat Report. I would like to take this opportunity to give a preview of some of the findings in the vulnerabilities section of this report.

In previous years, we observed that ActiveX vulnerabilities were on the rise. This trend was largely driven by security researchers employing various fuzzing tools to audit ActiveX controls for vulnerabilities. In 2008, 70 percent of all browser plug-in vulnerabilities could be attributed to vulnerable ActiveX controls. In 2009 there was a significant decline in the proportion of ActiveX vulnerabilities when compared to other browser plug-in technologies. In the report we observed that only 42 percent of browser plug-in vulnerabilities affected ActiveX controls. Vulnerabilities in other browser plug-ins increased as a result. In particular, Java SE accounted for 11 percent of browser plug-in vulnerabilities in 2008 but rose to 26...

David McKinney | 20 Oct 2009 | 0 comments

The Symantec Report on Rogue Security Software includes an in-depth analysis of the methods scammers use to distribute rogue security applications. This blog presents some of the highlights of the research into the distribution of these scams.

In the report, the following distribution and advertising trends were observed:

•    Ninety-three percent of the top 50 most prevalent rogue security applications were distributed as intentional downloads. This means that victims are tricked into believing they are downloading legitimate security software and subsequently installing the rogue application.
•    Seventy-six percent of the top 50 most prevalent rogue security applications were classified as unintentional downloads. This means that the software may be installed unintentionally through drive-by downloads or...

David McKinney | 27 Nov 2008 | 0 comments

The newly released Symantec Report on the Underground Economy discusses a number of topics, including the supply and demand of goods and services that were advertised for sale in the underground economy. This information was gathered by monitoring various IRC channels devoted to the commerce of these goods and services. In particular, I’d like to highlight some of the things we observed in analyzing the trade in malicious tools.

One of the things we observed is that the underground economy is self-sufficient. What this means is that the tools necessary to produce goods and services are also available for sale in the underground economy. This indicates that the market has matured enough that productivity gains can occur through the division of labor; i.e., the economy makes it viable for individuals to increasingly specialize in the tasks they excel at. This is where...

David McKinney | 08 Apr 2008 | 0 comments

With the launch of volume XIII of the Symantec Internet Security Threat Report (ISTR), I’d like to discuss some of the highlights we’ve seen in vulnerability trends for the last six months of 2007.

Zero-days in regional applications

During the last six months of 2007, Symantec observed a trend towards zero-day vulnerabilities that target applications in China and Japan. Of the nine zero-day vulnerabilities tracked during this period, seven affected popular Japanese and Chinese applications, such as JustSystem Ichitaro, Lhaz, GlobalLink, SSReader Ultra Star Reader, and Xunlei Web Thunder. This is a change from previous periods, where we saw attackers concentrate on vulnerabilities in Microsoft Office. It will be interesting to see if attackers continue to focus on region-specific applications. So far this year, we’ve already seen a zero-day attack targeting the Lianzong game platform. However, we’ve also seen a zero-day targeting Microsoft Excel.

...

David McKinney | 18 Sep 2007 | 0 comments

Volume XII of the Internet Security Threat Report (ISTR) is now out. In this report, we discuss how attackers have been using trusted Web sites as a means of reaching their victims. This trend is, in part, facilitated by something that we call “site-specific vulnerabilities”, which are vulnerabilities that are limited to a particular Web site or service. These vulnerabilities are typically present in the proprietary Web-based applications that drive the services provided by the site.

What initially tipped us off to the increasing prevalence of site-specific vulnerabilities was actually a drop in the proportion of Web application vulnerabilities. In this report, we observed that 61 percent of vulnerabilities affected Web applications, which is a drop from the 66 percent in the previous report. (Our discussion of Web application vulnerabilities includes only those Web applications...

David McKinney | 13 Aug 2007 | 0 comments

This month Microsoft has released nine security bulletins. All of these vulnerabilities could let an attacker execute arbitrary code on an affected computer. All of the issues are also classified as “client-side vulnerabilities”, meaning that they require some interaction on the part of the user for exploitation to occur. This will usually entail visiting a malicious Web page or opening a malicious file that is sent through email or other means.

Microsoft’s summary of the bulletins can be found here.

  1. MS07-042 Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)

    This bulletin consists of a code execution vulnerability (CVE-2007-2223/BID 25301) affecting Microsoft XML Core Services. Attackers could exploit this issue through a malicious Web page.

    Affects: Microsoft XML Core Services 3.0/4.0/6.0 on Windows 2000/XP/...

David McKinney | 07 Aug 2007 | 0 comments

The hacker's place in the pop culture continuum is as anti-hero. This is an image portrayed in movies and novels - the hacker is a wild-card with the power of deus ex machina who can be called upon to cheat technology or exploit a loophole in the system. Since computers don't lie and the system is perfect, the hacker invokes black arts in gross defiance of reality and the law in order to accomplish his (as hackers are overwhelmingly portrayed as male) goals. Yet we often sympathize with the fictional hacker for this exact reason. The system irks us and we often wish we could circumvent it.

The nineties had its own hacker anti-hero: Kevin Mitnick.

Most of Mitnick's story has been told by the media and in a book entitled Takedown, by John Markoff and...

David McKinney | 09 Apr 2007 | 0 comments

Microsoft Patch Tuesday: April 2007

April was unique for Microsoft because it consisted of two Microsoft Tuesdays. Last week, we saw the release of patches for the .ANI zero-day vulnerability. This patch was consistent with Microsoft’s policy of releasing out-of-band security patches (in other words, patches on days other than patch Tuesday) for vulnerabilities that are experiencing widespread exploitation in the wild. From my experience, if the issue is significant enough to merit third-party patches from Determina, ZERT, etc., then in all likelihood Microsoft will do an out-of-band security patch release for the vulnerability.

Today Microsoft released an additional five security bulletins. Four of the bulletins affect Microsoft Windows and one affects Microsoft Content Management Server.

• MS07-018 Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (KB925939)

This bulletin addresses...