Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Symantec Intelligence
Showing posts in English
MarissaVicario | 02 Dec 2010 | 1 comment

Posted on behalf of Martin Lee, Senior Software Engineer, Symantec Hosted Services

Targeted Trojans are bespoke pieces of malware written by someone who is trying to access information from an identified individual. This particular Trojan demonstrates some of the tricks used by targeted Trojan writers.

The intended victim of this attack is a senior individual in the energy and mining sector. The malicious email is plausible, during difficult economic times an urgent round of downsizing may be underway and that this issue is being kept a secret. The attacker is expecting the victim to be curious and to attempt to open the attachment.

Although the attachment appears to be a spreadsheet file, it is actually a malicious executable that exploits a known vulnerability in Microsoft Excel to run.

Malware writers are aware that many corporate systems...

Daren Lewis | 02 Dec 2010 | 0 comments

On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the days leading up to the publication of the report we will share a few of these trends.

Botnets Evolve with Steganography
Since the McColo ISP takedown in November 2008, which removed the command and control servers used by cyber crooks to control the activities of their botnets, and wiped out many cybercrime operation, the cybercriminals have been looking to build business continuity practices into their operations.

In 2011, we expect that botnet controllers will resort to employing steganography techniques to control their computers. This means hiding their commands in plain view – perhaps within images or music files distributed through file sharing or social networking websites. This approach will allow...

Daren Lewis | 01 Dec 2010 | 0 comments

On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the days leading up to the publication of the report we will share a few of these trends.

Targeted Attacks Diversify
Targeted attacks remain a significant risk. While the volume of these attacks is low relative to mass spam and malware attacks they are very effective in bypassing all traditional security systems and user training. In 2010 cybercriminals began targeting industries not previously targeted. At one point 25% of attacks were against the retail sector which had previously seen few to no targeted attacks.

In 2011, we expect the range of organizations being targeted in such attacks to become more diverse. This means that attackers will also seek indirect entry into specific industries by exploiting...

Daren Lewis | 01 Dec 2010 | 0 comments

On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the days leading up to the publication of the report we will share a few of these trends.

Automation Advances Targeted Attacks
Highly targeted attacks are steadily increasing in number. These carefully crafted attacks target specific users in specific organizations and require significant effort and research on behalf of the cybercriminal.

In 2011 criminal enterprises will increasingly automate this research to create a heavier volume of more powerful and convincing attacks that appear particularly relevant, interesting and/or newsworthy to the intended victims.

Later today: Targeted Attacks Diversify

Published earlier:

  • Global Spam Trends:...
Daren Lewis | 30 Nov 2010 | 0 comments

On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the days leading up to the publication of the report we will share a few of these trends.

Trending Topics Fashioned to Follow the News 

We’ve seen malware that attempts to ensure that links to infected pages are returned in search engine results using black-hat search-engine optimization techniques.

In 2011, the criminals will go one step further. Rather than just promoting compromised websites through search engine optimization they will proactively identify websites likely to see higher than normal levels of traffic based on current events or hot topics on the internet. They will use multiple methods, including monitoring of micro-blogging site topics and search engine hot topic feeds, to track these...

Daren Lewis | 29 Nov 2010 | 0 comments

On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the days leading up to the publication of the report we will share a few of these trends.

Stuxnet Strikes Up Malware Specialization

One of the most threatening advances in malware during 2010 broadened the range of targets beyond PCs and servers when the Stuxnet Trojan attacked programmable logic controllers. This specialized malware written to exploit physical infrastructures will continue in 2011 driven by the huge sums of money available to criminal enterprises at low risk of prosecution.
These attacks will range from the obvious targets like smartphones, to any number of less obvious yet critical systems like power grid controls or electronic voting systems. Any technology that can be exploited for financial gain...

Daren Lewis | 24 Nov 2010 | 0 comments

On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the days leading up to the publication of the report we will share a few of these trends.

Making Web Security Work in an Era of Pervasive Threats
In 2010 more than 80% of malicious threats intercepted were found on legitimate websites that had been compromised either directly or indirectly via third party provided content. At the same time categories which were once easy to block universally, like social media, are becoming increasingly business relevant.

In 2011 we expect IT managers will be forced by business necessity to implement more granular and refined web security policies. Particular business units, departments or users will be granted access to certain websites or categories of sites. Our data indicates...

Daren Lewis | 24 Nov 2010 | 0 comments

On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the days leading up to the publication of the report we will share a few of these trends.

Security and Services Continue Migrate to the Cloud
An increasingly distributed workforce is pushing organizations to the cloud for suitable security solutions that will be required to work seamlessly across multiple platforms, as users switch between devices used to store and transmit information online. In 2011 businesses will increasingly begin to reap the benefits of adopting a hybrid infrastructure that is premise-based, private cloud based and public cloud based and will seek to deliver a seamless user experience regardless of device or access location.

Later today: Making Web Security Work in an Era...

MarissaVicario | 23 Nov 2010 | 0 comments

Posted on behalf of Mathew Nisbet, Malware Data Analyst, Symantec Hosted Services

Cutwail has recently been sending spam making use of cached versions of webpages, as well as the same type of HTML text obfuscation I mentioned in a recent blog:  http://www.symantec.com/connect/blogs/cutwail-take.... In this case, the email is much longer, making it even harder to spot the actual text unless the viewer looks at the rendered HTML.

This time the obfuscation is slightly enhanced though. Rather than just attempting to use colors to hide the 'junk' text, the HTML changes the size of the font and letter positioning too. The text meant to fool filters, but not to be read by humans, is made so small it would simply...

Daren Lewis | 23 Nov 2010 | 0 comments

On December 7 we will release our MessageLabs Intelligence 2010 Annual Security Report looking back at the changes in the threat landscape during 2010. We also use the opportunity to look ahead at potential trends for next year. In the days leading up to the publication of the report we will share a few of these trends.

Distributed Workforce Drives Security Policies

The past year has challenged businesses with securing an increasingly distributed workforce in the wake of the recent global economic crisis. With laptops and smart-phones becoming ubiquitous the workforce is increasingly distributed regardless of where workers spend their traditional work day. To remain competitive, as the economy begins to recover, companies will continue to look to employee productivity gains from longer hours, working remotely and from home offices. IDC estimates that 1 billion workers will be mobile at least part of the time or remote from their firm’s main...