Parveen Vashishtha

Profile

Parveen Vashishtha

Symantec Employee

Member for: 3 years 50 weeks
Contact: Send this user an email

Member for: 3 years 50 weeks

Blog: View recent blog entries

Contribution Stats

Solutions

Forum Threads

Comments

Blog Entries

Ideas

Articles

Videos

Downloads

Events

Groups Joined

Parveen Vashishtha's Activity

Show:

New blog entry 05 Oct 2010

Parveen Vashishtha posted: ブラウザの偽セキュリティアップデートによるミスリーディングアプリケーションの投下手口

以前のブログで、ソーシャルエンジニアリングの手法を駆使した攻撃者が、ユーザーを脅してミスリーディングアプリケーションを購入させようとする手口について報告しました。そして今度は、少し異なる手口でユーザーを欺く複数の Web サイトが見つかりました。これらの Web サイトは、ユーザーを騙すために、悪意のあるページにアクセスしようとしたときにセキュリティ機能やセキュリティ技術によって返されるページによく似た偽のページを表示します。ただし、たとえば Google では［Get me out of here］ボタンが表示されるのに対して、偽のページでは、［Download Upd

New blog entry 04 Oct 2010

Parveen Vashishtha posted: Misleading Apps Push Browser Security Update Trick

In a previous blog we reported on how attackers use social engineering techniques to scare users into purchasing a misleading application. This time around, we have come across a couple of websites that are using a slightly different trick to mislead users. In order to trick users, these w

New blog entry 28 Jan 2010

Parveen Vashishtha posted: “Google Sponsored Links” Websites Blacklisted by Google

The use of search engines to deliver malware is well known. Previously we reported that attackers were using Google-sponsored search results to promote malicious websites. Instead of using techniques such as search engine optimization (SEO) poisoning to get the optimum listing in the search en

New blog entry 11 Jun 2009

Parveen Vashishtha posted: “Google Sponsored Links” Sponsor Misleading Websites Blacklisted By Google

Attackers often use search engines to deliver malware. Earlier we reported that Yahoo-sponsored search results were used to promote misleading applications. Also, attackers reportedly abused Google advertisement services in order to push out misleading applications. Instead of using te

New blog entry 26 Mar 2009

Parveen Vashishtha posted: Easter Surprise For You

Easter is around the corner and as expected, attackers have already started to poison search engine queries to redirect users to websites that deliver misleading applications. Various search keywords related to Easter have been poisoned in Internet search results so that links to rogue websites ar

New blog entry 10 Mar 2009

Parveen Vashishtha posted: Yahoo! Sponsored Search Results Leads to Misleading Websites

Search engines are often used by attackers as platforms from which to deliver malicious code. A while ago it was reported that Google was serving up advertisements that led to misleading applications (also known as rogue antispyware products). This time, the malicious code authors are usin

New blog entry 28 Oct 2008

Parveen Vashishtha posted: ActiveX File Overwrite/Delete Vulnerabilities - Continued

In a blog article from last year , I discussed the rise in popularity of exploits using ActiveX overwrite/delete vulnerabilities due to their ease of use. Since that time, we have seen over 100 such vulnerabilities. Microsoft requires developers of ActiveX controls to mark their controls “n

New blog entry 22 Oct 2007

Parveen Vashishtha posted: ActiveX File Overwrite/Delete Vulnerabilities

A new type of vulnerability isbecoming more popular these days. It is an arbitrary file overwrite/deletevulnerability that can be exploited by attackers to overwrite or deletearbitrary files on an affected computer. These vulnerabilities existparticularly because of a registered ActiveX control

New blog entry 15 Aug 2007

Parveen Vashishtha posted: MPack: Getting More Dangerous

In our previous analysis we discussed ‘What is Mpack and how it works.’ We had reviewed MPackversion 0.84 in our previous blog; this time we will compare it with an updated version, MPack v 0.91. 1. The exploits include the existing ones present in v0.84. The list of exploits is present a

Parveen Vashishtha

Parveen Vashishtha's Activity

Technical Support

Symantec.com

Store

Community Stats