Symantec Intelligence

The Symantec Intelligence Blog published by Symantec.cloud serves as a conduit for communicating Intelligence data, trends and statistics based on analysis of cyber security threats, trends and insights from the Symantec Intelligence team comprised of many world-renowned malware and spam experts. Sitting on the front lines of defense, they have a global view of threats across multiple communication protocols drawn from the billions of web pages, email and IM messages they monitor each day.

  • Updated: Paul Wood 06 Apr 2011

    The PDF Exploit: Same Crime, Different Face

    Posted on behalf of Jason Zhang and Joseph Rabaiotti, Malware Research Analysts, Symantec.cloud

    Portable document format (PDF) is one of the most commonly used file formats for exchanging electronic documents across platforms and applications. Because of its popularity, it has been heavily used in both targeted and non-targeted attacks, as reported by the MessageLabs Intelligence Monthly Report (PDF) in February 2011 and a blog post in January 2011. According to the report, PDFs now account for a larger proportion of document-based targeted attacks; in 2009 approximately 52.6% of targeted attacks used PDF exploits, compared with 65.0% in 2010. In 2011, we have seen no sign of...
  • Updated: Paul Wood 17 Feb 2010

    Targeted Attacks Now Using Bredolab Malware

    Posted on behalf of Tony Millington (Malware Operations Engineer, Symantec Hosted Services), with contributions from Dan Bleaken (Malware Data Analyst, Symantec Hosted Services)

    Today we saw a targeted attack against seven different companies via email, sent mostly to Public Sector addresses, but also to the Education Sector. The attack began on February 16. The fact that we've seen a targeted attack at all is not particularly interesting; we see targeted attacks every day. For example, in the month of January 2010 we stopped 1,976 confirmed targeted emails. The interesting part of this particular attack is that it uses the Bredolab malware as the payload in the email. Bredolab is usually spammed out in vast quantities using the Cutwail botnet (one of the largest botnets currently in...