Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

Security Response

Showing posts by Henry Bell remove filter
Showing posts in English remove filter
Clickjack Baddie Whack
Henry Bell | 17 Jun 2010 | 0 comments

Recently there’s been a fair bit of coverage of the ‘likejacking’ phenomenon. Just today, in fact, one of my friends fell victim to this mischievous trick and some rather embarrassing content was posted on his social networking site profile without his knowledge or approval. So what exactly is it?

The term ‘likejacking’ is a play on the word ‘clickjacking’, itself a portmanteau of ‘click hijacking’. Clickjacking is not a new technique, but has been hitting headlines as more and more websites now make use of cross-site content. Text, images, or other content generated by one website may be displayed, and interacted with, as part of another.

A specially crafted Web page can contain hidden content that is activated when a user clicks on something that appears to be innocuous: a fake video, an enticing picture, a message to ‘click here to continue’, or the promise of a free gift, for instance. To illustrate...

Read more
Back to Basics with Fake AV
Henry Bell | 30 Mar 2010 | 0 comments

We’ve been seeing Fake AV programs getting more convincing for a while now. Some of the tricks employed by the guys behind these rogue programs include Windows-7-style fake scanners, in-browser “scanners”, and program features that ape other aspects of the operating system.

Yesterday, though, we came across a misleading application called AntiVirusDemoFraud that is—how to say?—possibly a little less sophisticated than some in terms of user interface design.

...

Read more
Do I Know You?
Henry Bell | 26 Feb 2010 | 0 comments

Imagine that you’re sitting at home catching up on your email backlog. In comes an email from your ISP, FooBarBazCo (some creativity required here, I know). The email seems to be from Technical Support  – ‘From:    FooBarBazCo.com Team’ – and states that you need to update your email settings as a result of a recent security upgrade. Can you trust it?

Today we observed an increase in spam messages containing links to a particular malicious URL. The messages masquerade as having come from mail administrators, with the ‘from’ address spoofed so that they appear to have come from the same network domain as the address to which the mails are sent (the ‘from’ and ‘to’ addresses are actually identical, although this will not be visible in most email programs).

The received messages state that mailbox 'settings were changed' and urge users to 'apply the new set of settings' by clicking a...

Read more
Polly Wants a Cracker
Henry Bell | 09 Dec 2009 | 0 comments

Ahoy there ye landlubbers! The high seas of wireless security appear to have gone commercial with the introduction of a paid service that means it just got a whole lot easier for a casual attacker to break into your wireless network. Before going on to talk about how this attack vector can be used, though, we'll quickly cover off some terminology; Wi-Fi standards can be an acronym minefield.

Many moons ago—more than ten years ago, in fact—a move was made to devise a method of securing wireless networks that would provide a level of confidentiality equivalent to that of traditional wired networks. The name Wired Equivalent Privacy (WEP) was given to the system. Unfortunately flaws emerged and it turned out to be trivial to circumvent. WEP is still built in to most Wi-Fi products on the market, but security-wise it was blown out of the water long ago and as such its use is now heavily deprecated. Roll out the successors!

Wi-Fi Protected Access (WPA)...

Read more
More Trick than Treat
Henry Bell | 19 Oct 2009 | 0 comments

The most stressful thing about Halloween has always been deciding on a costume. Second place: making sure to have enough candy around for trick-or-treaters who may come a-knocking. All pretty straightforward stuff, right? This time around, though, it looks like the folks behind various rogue security software packages are using Halloween-related search engine poisoning techniques to hoist their fake scanners and other malware onto the computers of unsuspecting users.

While searching for a Halloween costume, one of my Security Response colleagues found a number of pages that – following the usual chain of JavaScript redirects – employ various techniques to coerce the user into installing one of several rogue security applications. Poisoned search terms discovered by us include ‘Halloween costumes’, ‘Best Halloween recipes’ and ‘Halloween theme music’, and it’s likely that there are many more where those came from.

...

Read more
Sharing Isn’t Always Caring
Henry Bell | 09 Feb 2009 | 0 comments

“Just when you thought it was safe to go back in the water…”

Over the past week, Symantec has been observing an increasing number of computers affected by Trojan.Brisv.A. This particular Trojan infects .asf, .mp2, .mp3, .wma, and .wmv movie and music files with malicious code that causes Microsoft Windows Media Player to access a malicious URL when the files are played, which results in more malware being downloaded on to the compromised computer.

In a further twist to the Trojan’s payload, all .mp2 and .mp3 files found on the computer are converted to the Windows Media Audio (WMA) format. This creates problems for security researchers writing software to remove the infected code from the files and restore them to their previous states. It is difficult to ascertain which files contain legitimate Digital Rights Management code and which...

Read more
Tall Latte, Hold the Malware
Henry Bell | 20 Aug 2008 | 0 comments
There’s nothing like coffee one-upmanship to make the blood boil.
 
“You’re still drinking lattes? With actual milk from a cow? Good grief, where have you been?”
 
Nowadays though, it seems that coffee one-upmanship is no longer enough to secure the seemingly coveted “hippest person in the café” crown. Now that portable devices are actually portable, cafés and other public spaces seem to be prime territory for people keen to show off their technological gadgetry.
 
I’ve been keeping an eye out during my recent café trips – doppio, natch – and usually around half of the customers are tapping away on notebooks, ultra-portables and tablet devices. This is, admittedly, in tech-enamored Tokyo, but the use of truly portable and network-capable machines is clearly going to increase as specs go up and costs come down. Cafés are...
Read more

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,898