Archive for Symantec

Norton and Staples Canada Launch Norton Virus Protection Service

Posted in Commentary with tags , on July 18, 2014 by itnerd

Norton and Staples in Canada have launched a very unique service that helps to protect you from viruses. Called the Norton Virus Protection Service, it’s not simply just another boxed product. Here’s the key points:

  • When customers purchase any installation package with Norton 360 Multi-Device on their computer. The customer follows the normal product support and if it is detected that they have a virus, Norton Support will provide their extended Virus Removal Service included with this product through the Staples Easy Tech Services.
  • If remote services do not resolve the virus issue, Norton will have an agent dispatched to examine the problem on-site.
  • This service can be added on to most installation services available through Staples Easy Tech Centres.
  • Norton Virus Protection Services covers one user, for one year from the date of installation.
  • The product/attached services are available exclusively at Staples locations across Canada
  • The Norton Virus Protection Service is available on your first device for $99, additional services can be purchased for your other devices for only $49 each (PC’s, Mac’s, smartphones and tablets).
  • These products are available in both English and French.

The key thing is that support is available 24/7. So you can get help when you need it. That’s key because according to Symantec, 80% of Canadian consumers still believe they will NOT fall victim to a computer virus, malware or spyware in 2014. From my personal experience I know that if you don’t protect yourself you will get hit by something. So any service that makes it easy to protect consumers from all of that is a good thing. Thus I believe that  Staples and Norton have a winner here that a variety of people would benefit from.

Android Malware Scammer Who Pocketed $3.9 Million Busted: Symantec

Posted in Commentary with tags on July 29, 2013 by itnerd

If you’re a fan of Poker, you’ll recognize the name of Masaaki Kagawa. For those who who aren’t into poker, he’s an avid and successful poker tournament player who won more than $1 million in worldwide tournaments. He also had a side hobby. He ran operation that dealt in Android Marware. Mr. Kagawa’s operation began around September, 2012 and ceased in April, 2013 when authorities in Tokyo raided the company office. Symantec confirmed around 150 domains were registered to host malicious Android apps during this span. The group was able to collect approximately 37 million email addresses from around 810,000 Android devices. As a result, the company earned approximately $3.9 million US dollars by running a fake online dating service called Sakura site. Spam used to lure victims to the dating site was sent to the addresses collected by the malware.

If you want more detail about Kagawa and how Symantec helped to take him down and stop this threat to Android users click here. It shows how security companies like Symantec is making the digital world safe for all.

Android Malware Toolkit On Underground Economy: Symantec

Posted in Commentary with tags , on July 17, 2013 by itnerd

If you use an Android phone. Then you need to read this Symantec blog post. Mobile malware is now a commercial product available on the online underground economy and the development of mobile malware toolkits is one indication the evolution of mobile malware is steadily moving towards becoming a true criminal enterprise. An example of this is the so called AndroRAT APK Binder which is a tool now being sold on the online underground economy that easily allows an attacker with limited expertise to automate the process of infecting any legitimate Android application with the AndroRAT malware, thus Trojanizing the app. Symantec data shows only several hundred infections of AndroRAT worldwide at this time; however, the telemetry is reporting a recent rise in infection numbers, which Symantec expects to continue as both the availability and sophistication of tools such as AndroRAT APK Binder increase.

If that doesn’t make you nervous, it should. I would recommend reading the blog post and protecting yourself accordingly.

Symantec Looks At Organizations Attitudes Towards Migration To Windows Server 2012

Posted in Commentary with tags , on May 27, 2013 by itnerd

The only thing that is constant in IT is change. One of the bigger changes for IT is Windows Server 2012. Symantec wanted to see how businesses are doing when it comes to navigating their way through these changes. These key facts emerged:

  • While many are planning to upgrade to Windows Server 2012, 93 percent haven’t actually made the move yet

For those that are planning to migrate:

  • 13 percent plan to make the move after the 1st service pack
  • 15 percent within the next 6 months
  • 17 percent within the next 12 months
  • 11 percent in more than 12 months

So it looks like there is a conservative march towards Windows Server 2012 which is likely the sensible thing to do. The report that Symantec did on this topic also reports on what factors are responsible for this slow pace of transition as well as other factors that organizations are considering. It’s a very interesting read and worth a look if you’re looking to move to Windows Server 2012.

Cybercriminal Tactics Are Changing: Symantec

Posted in Commentary with tags on April 17, 2013 by itnerd

Symantec yesterday released their latest Internet Security Threats Report with something that caught me off guard. There was a 58 percent increase in mobile threats occurred last year, with a third of those threats designed to steal information. These are threats that are aimed at smartphones and tablets. Not only that, social networks are becoming more of the launching pad for attacks, not to mention that targeted attacks, hacktivism, and data breaches are on the rise. Not good if you ask me. I strongly suggest that you give this a read if you have a business or support users in a business from a IT security perspective.

Now on the mobile front, I’ll mention this: Symantec announced an update to their Mobile Management Suite that provides some protection from the mobile related threats. Updates include:

  • a secure email client for both iOS and Android platforms
  • single sign-on across wrapped apps to improve authentication process and security
  • SSL policing and URL whitelisting for secure app connections

More details can be found in this blog post. Businesses who have mobile devices deployed, should take a look at this.

 

 

Symantec Has Further Analysis On South Korean Cyberattacks

Posted in Commentary with tags on April 2, 2013 by itnerd

You might remember a story that I posted about Symantec’s analysis of recent cyber-attacks on South Korea. Here’s an update for you. Symantec previously identified a particular backdoor (Backdoor.Prioxer) that surfaced during another major attack against South Korea in 2011.  A modified version of this backdoor was also discovered during the attacks taking place this year. There are indications that the same individuals are responsible for the 2011 and 2013 versions, pointing towards a possible connection between the two attacks.

Further analysis indicates these threats are the work of only one group. It seems unlikely that an independent hacktivist is behind these attacks. There are implications that someone has either paid or been ordered to perform these attacks, either as a contractor or as an employee of some sort.

Further details can be found here. It’s a very interesting read.

Symantec Analysis On Malware Affecting South Korea

Posted in Commentary with tags , on March 20, 2013 by itnerd

You might have heard the news that South Korea was hacked with banks and TV broadcasters being the targets. Symantec has done an analysis of the marware being used in these attacks and here’s what they came up with:

  • Symantec detects the malware as Trojan.Jokra.
  • The malware wipes the hard disks of infected computers and send them into a reboot, rendering them unusable.
  • The malware attempts to perform the same wiping actions on any drives attached or mapped to the compromised computer.
  • While there are currently no indications of the source of this attack or the motivations behind it, it may be part of either a clandestine attack or the work of nationalistic hacktivists taking issues into their own hands.

Now North Korea is thought to be the source of these attacks, but who knows if that’s the case or not. If you want to read the details, check out the full article here.

E-mail Marware Down. V-Day Spam Up…. Symantec

Posted in Commentary with tags on February 17, 2013 by itnerd

This month’s Symantec Intelligence Report has a few interesting things.

First they find that the email malware rate has dropped significantly since December, where only one in 400 emails containing a virus in January. This is the lowest virus rate they’ve seen since 2009. It could indicate that email virus distributors took a break after the holiday season, or that they have continued to migrate away from email as a choice for malicious payload delivery.

Second, Valentine’s Day spam is in full swing. Such spam generally arrives as an ecard during this time of year, preying upon a potential victim’s curiosity about a potential secret admirer—a situation where a legitimate email would likely arrive unsolicited in the first place. Unfortunately many such emails around this time of year do not lead to unexpected romance, but rather fake bargains, phishing attempts, or malicious code.More details on these scams can be found here [Warning: PDF].

Finally, Symantec and Microsoft partnered to take down a notorious botnet: Bamital. The primary purpose of this botnet has been to generate ad revenue by hijacking search engine results, redirecting them to a C&C server hosting ads of the attacker’s choosing. Symantec has been tracking this botnet since 2009, and has successfully shut down the all known components of used to operate the botnet. Security Response has released a whitepaper, providing a detailed overview of the botnet, which is available for download here [Warning: PDF].

The Symantec Intelligence Report [Warning: PDF] is now online for your viewing pleasure.

The US Dominates Spam, Phishing, And Virus Attacks: Symantec

Posted in Commentary with tags , on January 15, 2013 by itnerd

Symantec has released its December 2012 Intelligence Report. The report finds that in December, the United States claimed the dubious honor of being the largest source of spam at 12.7%, phishing scams at 24.2%, and virus attachments at 40.9% globally. That’s a shock to me and I’m sure it’s a shock to you as well.

Speaking of spam, the Sex/Dating category dominated global spam traffic, making up a whopping 82.6% of all spam traffic. This category often takes the top spot, beating out pharmaceutical spam, but the margin rarely is this large.

You can find the report here (Warning: PDF) and it is truly worth a read.

Symantec Details What Types Of Information Is Stolen During A Data Breach

Posted in Commentary with tags on December 15, 2012 by itnerd

One of the reasons I post the Symantec Intelligence Report is that it contains information that individuals and businesses need to know about securing their IT environments. This month is no different. The topic is data breaches and rather than look at the data breach trends (the nature of the breaches) the report focuses on the types of data stolen during a breach. And as it turns out the most commonly stolen information is often much more personal that people might first expect.

image001

The report also examines the inevitable increase in holiday-related spam, both the frequency and size of spam messages.

Take a look at the report here [Warning: PDF] for more details.

Follow

Get every new post delivered to your Inbox.

Join 189 other followers