/
Security Response

Security Response

Our security research centers around the world provide unparalleled analysis of and protection from IT security threats that include malware, security risks, vulnerabilities, and spam.

90 Day Global Threats, Risks, and Vulnerabilities Timeline

Risk

Threat

Vulnerability

Most Active New Threats

View all Threats| View all Risks

Name	Type	Protected*	Discovered
Trojan.Zeroaccess!g43	Trojan	05/14/2013	05/14/2013
Trojan.Modred	Trojan	05/14/2013	05/14/2013
Trojan.Ransomlock.Q!g4	Trojan	05/14/2013	05/14/2013
Trojan.Febipos	Trojan	05/13/2013	05/13/2013
Trojan.Ransomlock!g52	Trojan	05/13/2013	05/12/2013
W32.Pilleuz!gen38	Worm	05/10/2013	05/10/2013
W32.Phopifas!gen2	Worm	05/10/2013	05/10/2013
Packed.Generic.410	Trojan	05/10/2013	05/10/2013
Trojan.Ransomlock!g51	Trojan	05/09/2013	05/09/2013

*For continued protection, make sure that your Symantec subscription and/or license are up to date.

Threat Spotlight: Trojan.
Ransomlock

Trojan.Ransomlock is a detection for Trojan horse programs that lock the desktop of a compromised computer making it unusable.

The threat may arrive on the compromised computer by various means, such as visiting malicious sites, by opening untrusted links or advertisement banners, or by installing software from untrusted sources.

These programs attempt to convince the user to pay money in order to have their computer unlocked and use a variety of different techniques in order to encourage the user to pay the ransom.

More information on Trojan.Ransomlock is available in the threat family writeup.

Best Practices

With the rapid rise in the number of malware attacks it’s harder than ever to prevent machines from getting infected. But have you done everything you can do? Have you done the things you must do to stay protected? Following some simple best practices can make a tremendous difference in improving your protection. Symantec has assembled a set of best practices for today’s threat landscape.

Use these recommendations to know what you must, should and can do to protect your endpoints from malware.

Want to go further and really beef up protection on your endpoint machines? Symantec Endpoint Protection has a feature called Application and Device Control that gives you additional tools to protect your endpoints. Find out about Application and Device Control and download rulesets especially created by Symantec to increase your protection. Information available here.

White Paper Spotlight: Stuxnet 0.5: The Missing Link

In 2010, Symantec reported on a new and highly sophisticated worm called Stuxnet. This worm became known as the first computer software threat that was used as a cyber-weapon. The worm was specifically designed to take control over industrial plant machinery and make them operate outside of their safe or normal performance envelope, causing damage in the process. This was a first in the history of malware. Clues in the code pointed to other versions of the worm which could potentially perform different actions leaving an open question about Stuxnet and how it came to be. The wait for the missing link is now over. Symantec have now discovered an older version of Stuxnet that can answer the questions about the evolution of Stuxnet.

You can read the full details of Stuxnet 0.5 in our whitepaper.

View the full set of Symantec Security Response white papers.