Items tagged with Symantec
Malware writes are a shifty bunch. If anyone needs further proof of that, Symantec has it, in the form of a warning over a new Android "Fakeapp" malware variant that spoofs Uber, the popular ridesharing service, to cover its tracks. While it may look innocent, the Fakeapp malware pulls its usual dirty tricks, including the theft of personal and sensitive information such as credit card details. "The Fakeapp variant we found had a spoofed Uber application user interface (UI) which pops up on the user’s device screen in regular intervals until the user gets tricked into entering their Uber ID (typically the registered phone number) and password," Symantec explains. After receiving the pop-up,...
Read more...
The smart home speaker market is red hot, with Amazon and Google leading the way with their respective Echo and Google Home products. And with Black Friday and Cyber Monday in view, there will be a lot more smart speakers find their way into homes this week, and through the holiday season. As with all Internet of Things (IoT) devices, it's important to keep security in mind, and Symantec has some tips on that very topic. "While they make life easier in some ways, could voice-activated smart speakers also be endangering people’s privacy and online security? The range of activities that can be carried out by these speakers means that a hacker, or even just a mischief-minded friend or neighbor,...
Read more...
Symantec has issued a warning that it found at least eight different apps on Google Play that were infected with a malware called Android.Sockbot. The apps all posed as add-ons for Minecraft: Pocket Edition and claimed to change the way characters look in the game with new skins. The infection from these apps was widespread with an install base between 600,000 and 2.6 million devices. The malware was mainly focused on infecting users in the U.S., but there were infections in Russia, Ukraine, Brazil, and Germany as well. Symantec says that it set up network analysis of the malware and found that it was aimed at generating illegal ad revenue. However, the apps had no functionality to display ads...
Read more...
The Nintendo Switch is one of the hottest items in tech these days, with the only other gadget that is as equally hard to find being its sibling — the NES Classic Edition. Although Nintendo has promised to double Switch production during the next fiscal year, finding a unit in stock online is a crapshoot and trying to score one at a brick and mortar retail establishment often means camping out the night before doors open. With the hot new console being so hard to find, it is often tempting for people to take shortcuts to get their hands on some Nintendo Switch gaming goodness. Unfortunately, there are scammers out there that are banking on these people to fall into their traps. The security...
Read more...
Security researchers on Google's Project Zero team have discovered critical security flaws in several of Symantec's software security products, including its popular Norton line for consumers and Endpoint Protection for enterprises. No small thing, among the vulnerabilities are several wormable remote code execution flaws."These vulnerabilities are as bad as it gets. They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption," the Project Zero team said.Since Symantec uses the same core engine...
Read more...
When we usually think of traditional computer viruses, we think of software that is meant to harm machines, turn them into mindless drones that do the bidding of their new master, or exploit the rightful owner’s personal data. However, Symantec recently shed some new light on a virus — first discovered in 2014 — that infects devices not to cause destruction, but to shore up their defenses against true security threats. Symantec first became aware of Linux.Wifatch back in January, but is just now becoming aware of the full scope of its capabilities. While most traditional malware is designed with ill-intent in mind, Wifatch seemingly infects routers and IoT devices to protect them from truly malicious...
Read more...
Symantec made the unsettling announcement today that it has discovered sophisticated malware that has been operating successfully on and off since 2008. Named Regin, the malware launches in a series of stages and is designed to avoid detection at each stage. Symantec hasn’t identified the organization that created Regin, but says that its sophistication, its targets, and the amount of time that would be needed to create it suggest that a nation state is responsible. Image Credit: SymantecRegin’s first stage is a Trojan. Once launched, the malware goes through several stages, each of which is encrypted. The payload is delivered in the fifth stage. Once complete, the malware can be used for spying...
Read more...
There seems to be a trend that is growing among major tech companies with breaking up into smaller pieces. Ebay and Hewlett-Packard announced that they were breaking up into smaller pieces. Now it seems Symantec Corp could be adapting that trend in the future, according to unnamed sources that spoke to Bloomberg who are knowledgeable about the matter. It seems that the software company is looking to split up its business into two separate companies. One side would focus on selling its Norton security programs while the other deals with data storage. The sources said that the plan is in advanced talks and that an announcement could be made in a few weeks. Image Source: Flick (Kazuhisa Otsubu)...
Read more...
Recent years have seen software publishers increasingly moving from boxed software to a subscription model. Adobe moved its famous Photoshop software and related programs to the subscription-based Creative Cloud in 2012 and hasn’t looked back. Microsoft still offers boxed versions of its Office software, but it has been heavily promoting the Office 365 subscriptions. Now, Symantec is heading to the subscription model with its flagship Norton computer security products. The new Norton Security pulls multiple Norton products into a single subscription that will run you about $80 per year. Symantec is pulling its array of security products into a subscription meant to protect all your devices,...
Read more...
A group of Russian hackers known collectively as either "Energetic Bear" or "Dragonfly" is mounting sabotage operations against a number of power and oil companies primarily located in the U.S. and throughout parts of Europe. Among the group's targets are energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry equipment providers. Security outfit Symantec says the group is well resourced with access to a wide range of malware tools capable of launching attacks in a variety of ways. They've been operating since at least 2011 and perhaps longer. Initial targets included defense and aviation companies in the U.S. and Canada before the hacking...
Read more...
Symantec, which has been making antivirus products for decades (including Norton, the first piece of software most people would try to remove from a new PC), is getting out of the antivirus game, sort of. Brian Dye, Symantec's senior vice president for information security, told the Wall Street Journal that in Synamtec’s view, antivirus is dead. "We don't think of antivirus as a moneymaker in any way," he stated. That doesn't mean the company is completely abandoning Norton, but it is heading in a new direction. Basically, instead of primarily focusing on keeping the walls secure, Symantec is more interested in what to do when (not if) cybercriminals break through. In a year, this will...
Read more...
Sometimes it stinks being right. To wit, Symantec earlier this month talked about the discovery of a so-called "Master Key" vulnerability in Android that would allow remote attackers to inject malicious code into legitimate apps without invalidating the signature. Symantec called it a "serious Android vulnerability," fearing that it would quickly be spotted in the wild. Less than a month later, Symantec was proven right. Norton Mobile Insight—our system for harvesting and automatically analyzing Android applications from hundreds of marketplaces—has discovered the first examples of the exploit being used in the wild," Symantec stated in a blog post. "Symantec detects these applications...
Read more...
In what sounds like a scene out of one of those (well meaning, but never remotely accurate) cyber-action movies, teams of technicians from Symantec and Microsoft’s Digital Crimes unit wielding a court order from the U.S. District Court in Alexandria, Virginia, were escorted by U.S. Federal Marshals in raids on data centers in New Jersey and Virginia yesterday. Yes, that happened. According to Reuters, the purpose of the raids was to shut down the Bamital botnet by yanking offline servers that had been used to control between 300,000 and 1 million infected PCs as part of a massive click fraud campaign perpetrated by at least 18 individuals scattered across the globe, including in Russia,...
Read more...
On Friday, security firm Symantec discovered a Trojan called Backdoor.Makadocs, which in typical backdoor Trojan fashion accesses a compromised system and attempts to swipe data from it. The interesting bit is that it uses Google Docs as a proxy server to get around firewalls and connect to a C&C server, instead of attempting to connect directly. Using social engineering tactics to engage a user’s interest in the file, the Trojan arrives as a Rich Text Format (RTF) or Microsoft Word document; when a user opens it, the payload is delivered. Essentially all versions of Windows are affected, from Windows 95 to Windows 7 (and Windows Server 2003 and 2008), and now Symantec says that the...
Read more...
It’s not clear how many jobs will be lost, but according to a Reuters report, at least a small percentage of Intel’s McAfee security division will be getting the pink slip soon. McAfee has about 7,100 employees, so even a “small percentage” could be a lot of people. McAfee is best known for its desktop PC security software, and the division--which was apparently worth up to $7.7 billion when Intel bought it early last year--and a dip in PC sales market-wide may be having an impact on McAfee’s bottom line as it competes with number one security software maker Symantec. McAfee headquarters Both companies may be facing increasing pressure from the new version of Windows...
Read more...
Symantec, apparently unhappy with the ways thing have been going, ousted its Chief Executive Officer of three years and severed ties with a man who had been with the company for almost two decades. That man is Enrique Salem, and his termination took affect immediately following a review by Symantec's board of directors. Stepping in his place is board chairman Steve Bennett, who had mostly good things to say about Salem, despite initiating the review that led to his immediate dismissal. "Enrique Salem has been a significant contributor during his 19 years’ associated with Symantec, including the last three years as CEO," said Steve Bennett, chairman, president, and CEO. "While progress has...
Read more...
There was a moment in time where our smartphones and tablets offered all of the wonders of the powerful mobile computing without the cloying downside of security threats we became so accustomed to with our desktops and notebooks. That moment has more or less passed, as individuals and companies alike are getting wise to the growing security threats from malware, forgetful employees, and thieves. Perhaps it’s time to get some protection for your Android device. Symantec certainly thinks so, as the company announced additions to its existing enterprise mobile security portfolio with Symantec Mobile Security for Android. The new feature is designed to blend with Symantec Mobile Security and...
Read more...
Security firm Symantec is busy cleaning up a bit of egg on its face after pushing out a signature update that decided not to play nice with some Windows XP machines. Symantec disclosed the problem on its website, saying that the SNAFU only affected machines running a combination of Windows XP, the latest version of its SONAR technology, and certain third party software. "The root cause of the issue was an incompatibility due to a three way interaction between some third party software that implements a file system driver using kernel stack based file objects – typical of encryption drivers, the SONAR signature and the Windows XP Cache manager. The SONAR signature update caused new file...
Read more...
Earlier this month, Symantec essentially shrugged after hacker group Lords of Dharmaraja swiped source code to some Symantec products from Indian military servers and threatened to release it. Now, it appears to have been a lot of false bravado on Symantec’s part. Symantec has publicly acknowledged the breach(es), the extent of the damage, and what customers should do about it. In a special post on its website, Symantec said; Our investigation continues to indicate that the theft is limited to only the code for the 2006 versions of Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere. However, after analysis,...
Read more...
In a post on pastebin (which has been removed, though it is cached here), a hacker group called the Lords of Dharmaraja claimed that it hacked an Indian Military Intelligence server and snagged source codes from a dozen different companies, most notably (apparently) the source code to Symantec’s Norton Antivirus. The group posted a file it said “describes the application programming interface specifications required for generating virus definitions automatically from the Immune System analysis center.” Obviously, the ability to for cyber ne’er-do-wells to dig into one of Symantec’s flagship products (especially as users rely on it to ward off malware) and share the...
Read more...
Have you noticed less spam in your inbox lately? According to Symantec’s November Intelligence Report, the rate of spam worldwide is close to a three-year low. Symantec notes that spam currently encompasses 70 percent of all emails. Compared to 2009 when spam accounted for 90 percent of all global emails, this is a significant drop. After the spam hosting IPS McColo was shut down in 2008, spam levels reached a low of 68 percent. The report also shows that the type of spam we’re receiving is changing. In November, Pharmaceutical spam was the most common, comprising 32.5 percent followed by watches and jewelry. Unsolicited newsletters, adult/sex/dating spam messages, and weight loss...
Read more...
Symantec published a paper titled “The Nitro Attacks: Stealing Secrets from the Chemical Industry”, which details a prolonged hacker attack against several private companies in the chemical business. According to the paper, the hackers were after “intellectual property such as design documents, formulas, and manufacturing processes”. The attacks lasted from late July through the middle of September. Even more notable is that this is not apparently the hacker group’s first go-round; it’s just the latest whitecap in a long-running crime wave. The group targeted human rights NGOs starting in April, hit the motor industry in May, and took a break in the early summer...
Read more...
