
Security Intel Analysis Team

Symantec Employee

Member for: 3 years 16 weeks
Contribution Stats
Solutions: 0
Forum Threads: 0
Comments: 0
Blog Entries: 15
Ideas: 0
Articles: 0
Videos: 0
Downloads: 0
Events: 0
Groups Joined: 0

Security Intel Analysis Team's Activity

New blog entry 15 Jun 2010
While investigating the malware and shellcode related to the recently discovered Adobe Flash Player, Adobe Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability (BID 40586), occurring since March 2010, the Microsoft Internet Explorer
New blog entry 14 Jun 2010
While investigating the malware and shellcode that were associated with the recent Adobe Flash Player, Adobe Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability (BID 40586), we came across some interesting similarities to the malware and shellcode that were used in
New blog entry 30 Mar 2010
At the recent Pwn2Own contest held during the CanSecWest 2010 security conference, the Web browser targets were the latest versions of Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari. All of the targeted browser platforms were patched up to date and included the lates
New blog entry 21 Nov 2009
A new exploit targeting Internet Explorer was published to the BugTraq mailing list yesterday. Symantec has conducted further tests and confirmed that it affects Internet Explorer versions 6 and 7 as well. The exploit currently exhibits signs of poor reliability, but we expect that a fully-fun
New blog entry 06 Jul 2009
As mentioned in a recent blog, Symantec is aware of the exploitation of a previously unknown and unpatched vulnerability affecting the Microsoft Video Streaming ActiveX control. Initially, there were limited in-the-wild attacks; however, new developments indicate that the flaw is now being
New blog entry 22 Apr 2009
Symantec’s Security Intelligence Analysis Team has collaborated with Nmap contributor Ron Bowes to aid in the development of an Nmap script that is able to detect hosts infected with W32.Downadup.C by enumerating the peer-to-peer (P2P) protocol used by the worm. The script has been made available
New blog entry 20 Mar 2009
Sometime between March 4 and March 6, 2009, the authors of the Downadup worm pushed out a significant update to a portion of the Downadup network. Symantec Security Response engineers captured the update in one of their honeypots and quickly responded with definitions to protect against the threat
New blog entry 12 Feb 2009
Since its discovery by Symantec in November 2008, the malicious W32.Downadup worm has infected millions of systems worldwide. In an effort to reduce the continued propagation of the worm, Symantec is collaborating with a range of global technology industry leaders and academics in order to m
New blog entry 16 Jan 2009
As regular readers of the Symantec Security Response Blog know, we’ve been monitoring W32.Downadup statistics for some time. We’ve previously published two blog entries regarding infection statistics for both the .A and .B variants. The Symantec Intelligence Analysis Team has been monitori
New blog entry 06 Jan 2009
The W32.Downadup.A worm was the first worm discovered in the wild that was successfully leveraging MS08-067 in a widespread fashion. Symantec carried out an in-depth analysis of this threat and discovered that infected hosts will generate 250 pseudo-random domain addresses each day, in pre
New blog entry 30 Dec 2008
This has been an interesting year for high-profile vulnerabilities and security research. In 2008, awareness has been raised about a number of high impact, remote code-execution vulnerabilities affecting both server- and client-side applications. Published attacks targeted important protocols used
New blog entry 12 Dec 2008
Hello, this is Anthony from the Symantec Intelligence Analysis Team. Earlier this week we had the opportunity to analyze an interesting shellcode that is associated with the initial malicious exploit attempts against the Microsoft Internet Explorer XML Handling Remote Code Execution Vulnerabilit
New blog entry 22 Nov 2008
Microsoft Security bulletin MS08-067 was an out-of-band security update that was released on October 23, 2008, to address a critical remotely exploitable vulnerability that was being exploited in the wild. The Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability th
New blog entry 19 Nov 2008
Symantec is currently observing an increase in malicious applications that use USB flash drive devices as a propagation method. Just as a clarification for any of our readers that are not familiar with the term “USB flash drive,” a USB flash drive is typically a removable portable storage device t
New blog entry 23 Oct 2008
The Symantec DeepSight ThreatAnalysis team recently observed an interesting attack development related to a known vulnerability type. This seemingly new technique allows attackers to execute a malicious payload immediately on a victim's system, where in the past they weren't able to achieve