Security Response
Zulfikar Ramzan | 27 Nov 2007 08:00:00 GMT | 0 comments

On November 2, 2007 I had the opportunity to participate in a panel at the Federal Trade Commission on the future of online behavioral advertising. While this topic is not one that is normally associated with information protection issues, there are some interesting implications that I touched upon at the panel and that I thought I’d reiterate here.

First, let’s think about some of the overall trends related to Web advertising. To begin with, the Web has certainly exploded in popularity and people are spending more and more time each day surfing their favorite sites.

Second, online advertising has proven itself to be a viable business model for many companies. Countless Web sites display ads that are viewed by an even greater number of people.

Third, along these same lines the online advertising supply chain is fairly complex. In the simplest incarnation, an advertiser might work with an ad network who will arrange to have the ad published through one or more...

Vikram Thakur | 27 Nov 2007 08:00:00 GMT | 0 comments

Earlier today there was a report about Al Gore's site, climatecrisis.net, being hacked. The site contained links that weren't visible to the visitors, which pointed to various pharmaceutical products. The links could be viewed by looking into the source code of the page being displayed. The fact that Al Gore's site got hacked or compromised, while definitely of significance, uncovers a much bigger technique now being used by spammers. Here is a snapshot of the links from the hacked climatecrisis.net site:


As you can see, there are loads of links to a university's server. None of the links work. However, the hackers were able to get to the top of search results by creating links such as these. No one visiting the...

khaley | 26 Nov 2007 08:00:00 GMT | 0 comments

Last week, we talked about the year in review. And now, everyone wants to know what will happen next. Well, I don't claim to be a clairvoyant, but it’s safe to say that the following areas will be interesting to watch in the coming year:

o Election Campaigns – As political candidates increasingly turn to the Internet, it is important to understand the associated IT security risks of increased dependence and interdependence on technology in the election process. These risks include, among others, the diversion of online campaign donations; dissemination of misinformation; fraud; phishing; and the invasion of privacy.

o Bot Evolution – We expect bots to diversify and evolve in their behavior. For example, we may see things like phishing sites hosted by bot zombies.

o Advanced Web Threats – As...

Elia Florio | 25 Nov 2007 08:00:00 GMT | 0 comments

Proof of concept exploit code for a newly discovered vulnerability in Apple's QuickTime player has been made available to the public today. The vulnerability (Apple QuickTime RTSP Response Header Content-Length Remote Buffer Overflow Vulnerability) was first reported on November 23rd by Polish security researcher Krystian Kloskowski.

The publicly released exploit works successfully when tested with the latest stand-alone QuickTime player application version 7.3. It does not seem to execute any shellcode when tested with the QuickTime browser plugin even though the browser crashes due to the buffer overflow.

At the moment we believe the most likely attack scenarios to appear using this vulnerability could be:
1. Email based attacks.
2. Web browser based attacks.

In the email attack scenario the user receives a malicious email with an attachment containing a file with...

Hon Lau | 23 Nov 2007 08:00:00 GMT | 0 comments

Symantec Security Response has observed web based exploit attacks using a previously unknown vulnerability in the Xunlei Thunder PPlayer ActiveX control. This is a component of the Chinese download accelerator and file-sharing application, Xunlei Thunder 5.7.4 401.

The attack originates from a server on the 522love.cn domain. If a user navigates to the site, a Web page hosted on the site employs a client detection technique to determine the appropriate exploit code that should be sent back to the requesting client in order to successfully exploit it. This technique is similar to the techniques used by the MPack attack kit that is already widely used. We have seen a whole range of vulnerabilities both new and old used by this site, including the following:

•...

Con Mallon | 23 Nov 2007 08:00:00 GMT | 0 comments

While the scale of the data loss by the UK’s Revenue and Customs is indeed stunning, there is still no indication that the missing disks containing information from 25 million UK residents has actually fallen into unfriendly hands. However, this is now almost irrelevant as we in the security industry sit and wait for the first scam or phishing attack that plays on people’s doubts and fears.

For those unaware of this issue, on November 20th Her Majesty’s Revenue & Customs (HMRC - the UK's tax and excise agency) acknowledged that it had lost two computer disks containing large amounts of confidential information, including names, addresses, dates of birth, and in some cases bank account information. The missing disks — apparently lost while being transported — may include information on as many as 25 million individuals, including recipients of child benefits.

HMRC believe the disks are still within one of their sites, but after an exhaustive search, they have failed to...

khaley | 23 Nov 2007 08:00:00 GMT | 0 comments

It’s the time of year when we begin to look back and take stock of the events of the last twelve months. Newspapers and magazines will soon be publishing their list of top movies, records, and books. Symantec is publishing a top 10 list, too. While not as fun, in many cases this collection of security trends confirms the predicted evolution of cybercrime becoming more professional and commercial. Two words come to mind when I look at the list: "topical" and "trust." Attackers are exploiting current events and trusted brands to trick computer users in an effort to make money. And security companies like Symantec continue to block their efforts.

Here, in no particular order, are the top 10 Internet security trends of 2007:

1. Data Breaches – High-profile data breaches underscored the importance of data loss prevention technologies and strategies.

2. Vista Introduction – Microsoft Vista made its debut and quickly attackers found...
