Computerworld Symantec News

Smartphones take center stage in two-factor authentication schemes

(David Strom) — Mon, 20 May 2013 14:30:00 GMT

We all know that relying on a simple user ID and password combination is fraught with peril. One alternative is to use one of the single sign-on solutions we reviewed last year, but there are less expensive options that could also be easier to install.

New Mac spyware found on Angolan activist's computer

(Lucian Constantin) — Fri, 17 May 2013 12:04:00 GMT

Previously unknown Mac OS X spyware, signed with a valid Apple Developer ID, has turned up on the laptop of an activist from Angola at a human rights conference in Norway.

It's better to call ahead before sending malware, Symantec finds

(Jeremy Kirk) — Tue, 14 May 2013 02:44:00 GMT

Hackers are finding it pays to call ahead before sending malware-laden email.

Adobe warns of unpatched critical flaw in ColdFusion

(Lucian Constantin) — Thu, 09 May 2013 14:50:00 GMT

Adobe has warned users of its ColdFusion application server platform of a critical vulnerability that could give unauthorized users access to sensitive files stored on their servers.

Senators want sanctions against countries that support cyberattacks

(Grant Gross) — Wed, 08 May 2013 17:49:00 GMT

Two U.S. senators will push Congress or President Barack Obama's administration to pursue trade and immigration sanctions against China and other countries that allegedly support cyberattacks on U.S. government agencies and businesses, the lawmakers said Wednesday.

SAP and Oracle winners as software growth slows, IDC says

(Mikael Ricknäs) — Mon, 22 Apr 2013 17:03:00 GMT

A growing interest in big data, analytics and cloud computing helped propel a weak software enterprise market last year, according to research from IDC. SAP and Oracle fared the best among the large software vendors.

Targeted attacks up over 2012, SMBs increasingly at risk: Symantec

(Patrick Budmar) — Wed, 17 Apr 2013 12:44:00 GMT

The number of targeted attacks almost doubled in 2012 compared to the prior year.

Symantec report finds small businesses battered by cybercrime

(Jeremy Kirk) — Tue, 16 Apr 2013 06:27:00 GMT

Cybercriminals are increasingly targeting small businesses due to their less sophisticated defenses, according to a new report from Symantec.

Malware abuses Chromium Embedded Framework, developers fight back

(Lucian Constantin) — Mon, 25 Mar 2013 18:20:00 GMT

A new version of the TDL rootkit-type malware program downloads and abuses an open-source library called the Chromium Embedded Framework that allows developers to embed the Chromium Web rendering engine inside their own applications, according to security researchers from antivirus vendor Symantec.

TeamViewer-based cyberespionage operation targets activists, researchers say

(Lucian Constantin) — Thu, 21 Mar 2013 14:28:00 GMT

Security researchers have uncovered yet another ongoing cyberespionage operation targeting political and human rights activists, government agencies, research organizations and industrial manufacturers primarily from Eastern European countries and former Soviet Union states.

Symantec finds Linux wiper malware used in S. Korean attacks

(Jeremy Kirk) — Thu, 21 Mar 2013 02:05:00 GMT

Security vendors analyzing the code used in the cyberattacks against South Korea are finding nasty components designed to wreck infected computers.

Security appliances are riddled with serious vulnerabilities, researcher says

(Lucian Constantin) — Fri, 15 Mar 2013 00:16:00 GMT

The majority of email and Web gateways, firewalls, remote access servers, UTM (united threat management) systems and other security appliances have serious vulnerabilities, according to a security researcher who analyzed products from multiple vendors.

Researchers link latest Java zero-day exploit to Bit9 hack

(Lucian Constantin) — Mon, 04 Mar 2013 13:08:00 GMT

The attacks discovered last week that exploited a previously unknown Java vulnerability were likely launched by the same attackers that previously targeted security firm Bit9 and its customers, according to researchers from antivirus vendor Symantec.

New evidence shows Stuxnet used since at least 2007

(Lucian Constantin) — Tue, 26 Feb 2013 22:25:00 GMT

Researchers from security firm Symantec have found and analyzed a version of the Stuxnet cybersabotage malware that predates previously discovered versions by at least two years and used a different method of disrupting uranium enrichment processes at Iran's nuclear facility at Natanz.

Mandiant report on Chinese cyberespionage used as bait in spear-phishing attacks

(Lucian Constantin) — Thu, 21 Feb 2013 22:39:00 GMT

Attackers are using fake versions of a recently released report about a Chinese cyberespionage group as bait in new spear-phishing attacks that target Japanese and Chinese users.

Certificate Authorities to push for better certificate-revocation checking

(Lucian Constantin) — Thu, 14 Feb 2013 20:57:00 GMT

Several Certificate Authorities (CAs) have formed an advocacy group called the Certificate Authority Security Council (CASC), which will focus on promoting new security standards, policies and best practices for SSL (Secure Sockets Layer) deployment on the Web.

Microsoft, Symantec take down Bamital click-fraud botnet

(Jeremy Kirk) — Thu, 07 Feb 2013 00:08:00 GMT

Microsoft and Symantec have dismantled a botnet that took over millions of computers for criminal activities such as identity theft and click fraud.

New York Times computer network breached by Chinese hackers, paper says

(Lucian Constantin) — Thu, 31 Jan 2013 13:30:00 GMT

Hackers from China breached the computer network of The New York Times and stole passwords that allowed them to gain access to computers and email accounts for a period of four months, the newspaper reported late Wednesday.

Symantec CEO on reorg: 'our system is just broken'

(Ellen Messmer) — Thu, 24 Jan 2013 15:59:00 GMT

Under the helm of new CEO Steve Bennett, Symantec late yesterday outlined a re-organization intended to lead to a leaner company and a new range of security and backup services and products, built primarily on internal research and development not acquisitions, within the next six to nine months.

Symantec streamlines software lines

(Joab Jackson) — Wed, 23 Jan 2013 21:57:00 GMT

Security software provider Symantec is reworking its sales strategy, reorganizing software lines, slimming middle management and increasing marketing and research efforts.

Security researchers cripple Virut botnet

(Lucian Constantin) — Mon, 21 Jan 2013 14:51:00 GMT

Many of the domain names used by a cybercriminal gang to control computers infected with the Virut malware were disabled last week in a coordinated takedown effort, Spamhaus, an organization dedicated to fighting spam, announced Saturday.

Stabuniq malware found on servers at U.S. financial institutions

(Lucian Constantin) — Fri, 21 Dec 2012 13:38:00 GMT

Security researchers from Symantec have identified an information-stealing Trojan program that was used to infect computer servers belonging to various U.S. financial institutions.

More data-wiping malware found in Iran

(Lucian Constantin) — Mon, 17 Dec 2012 13:27:00 GMT

A new piece of malware that deletes entire partitions and user files from infected computers has been found in Iran, according to an alert issued Sunday by Maher, Iran's Computer Emergency Response Team Coordination Center.

Police-themed ransomware speaks to victims -- literally

(Lucian Constantin) — Mon, 10 Dec 2012 17:13:00 GMT

A new variant of a Trojan program called Reveton that prevents victims from using their computers and displays rogue messages from law enforcement agencies is using localized voice messages to trick victims into paying made-up fines, according to researchers from antivirus vendor Trend Micro.

Attackers can abuse Yahoo developer feature to steal user emails, other data

(Lucian Constantin) — Tue, 04 Dec 2012 01:45:00 GMT

Attackers can read emails, contacts and other private data from the accounts of Yahoo users who visit a malicious page by abusing a feature present on Yahoo's Developer Network website, says an independent security researcher.

Symantec spots odd malware designed to corrupt databases

(Jeremy Kirk) — Fri, 23 Nov 2012 01:49:00 GMT

Symantec had spotted another odd piece of malware that appears to be targeting Iran and is designed to meddle with SQL databases.

Malware uses Google Docs as proxy to command and control server

(Lucian Constantin) — Mon, 19 Nov 2012 16:56:00 GMT

Security researchers from antivirus vendor Symantec have uncovered a piece of malware that uses Google Docs, which is now part of Google Drive, as a bridge when communicating with attackers in order to hide the malicious traffic.

Employees Engage in Rogue Cloud Use Regardless of Security Policies

(Thor Olavsrud) — Tue, 13 Nov 2012 20:39:00 GMT

Studies show that employees are engaging in rogue use of the cloud, even when IT organizations say they have clear formal cloud policies and penalties for violation of the policies.

Hundreds of Google Play apps create spoofed messages in users' SMS inboxes, Symantec says

(Lucian Constantin) — Tue, 06 Nov 2012 20:05:00 GMT

About 200 Android applications currently hosted on Google Play create spoofed SMS messages on the devices they are installed on, according to security researchers from antivirus vendor Symantec.

Hackers claim attacks against ImageShack, Symantec, PayPal, other websites

(Lucian Constantin) — Mon, 05 Nov 2012 15:29:00 GMT

Different hacker groups claim to have breached servers belonging to ImageShack, Symantec, PayPal and other organizations.

Spammers abuse .gov URL shortener service in work-at-home scams

(Lucian Constantin) — Mon, 22 Oct 2012 14:46:00 GMT

Spammers have found a way to abuse a URL shortener service destined for U.S. government social media activities in order to craft rogue .gov URLs for work-at-home scams.

Kaspersky discovers miniFlame cyberespionage malware directly linked to Flame and Gauss

(Lucian Constantin) — Mon, 15 Oct 2012 16:37:00 GMT

Security researchers from Kaspersky Lab have identified another piece of malware targeting the Middle East that is likely part of the interrelated cyberespionage efforts behind Stuxnet, Duqu, Flame and Gauss.

Getting forensics data off of smartphones and tablets can be tough, experts say

(Ellen Messmer) — Fri, 12 Oct 2012 14:36:00 GMT

Trying to get computer forensics data out of mobile smartphones and tablets in order to conduct investigations is hard -- often much harder than on PCs, laptops or Macs -- and experts say that forensics tools need to improve.

Symantec adds disaster recovery capabilities to Veritas Cluster Server

lmearian@computerworld.com (Lucas Mearian) — Tue, 09 Oct 2012 16:30:00 GMT

Veritas Cluster Server now monitors applications running in virtual machines, and can take action to recover them if they go down as well as migrate VMs without downtime.

Malware-infected computers rented as proxy servers on the black market

(Lucian Constantin) — Tue, 09 Oct 2012 14:20:00 GMT

Cybercriminals are using computers infected with a particular piece of malware to power a commercial proxy service that funnels potentially malicious traffic through them, according to security researchers from Symantec.

Good Technology buys AppCentral to boost mobile app management

(Mikael Ricknäs) — Tue, 02 Oct 2012 12:04:00 GMT

Good Technology has acquired AppCentral, and plans to use the new technology to improve its ability to manage and secure mobile enterprise applications.

'Flame' malware may have siblings, study finds

(Jeremy Kirk) — Tue, 18 Sep 2012 00:56:00 GMT

A deeper look into the Flame malware, linked to the infamous Stuxnet, has revealed that it may be just one of four pieces of malware created by the same unknown development team.

Elite hacker gang has unlimited supply of zero-day bugs

gkeizer@computerworld.com (Gregg Keizer) — Fri, 07 Sep 2012 18:36:00 GMT

An elite hacker group targeting defense industry sub-contractors has an inexhaustible supply of zero-days, or vulnerabilities that have yet to be publicized, much less patched, Symantec said today.

Virus infects a banking Trojan, leaving both operative

(Tim Greene) — Thu, 06 Sep 2012 13:33:00 GMT

When malware infects a machine it usually goes after the system software. But in a rare case worked on by SpiderLabs, researchers found a Trojan that had been infected by a virus, leaving both still functioning as normal.

Windows 8 'doesn't move the needle' on security, says Symantec

gkeizer@computerworld.com (Gregg Keizer) — Thu, 06 Sep 2012 10:45:00 GMT

Symantec said Windows 8 "doesn't move the needle much" on security as it rolled out new versions of its antivirus software and promised to provide users with several so-called "Modern" apps for the new operating system.

4 security suites that protect all your devices

preston@gralla.com (Preston Gralla) — Thu, 06 Sep 2012 10:00:00 GMT

Security suites from McAfee, Symantec, Trend Micro and Webroot offer protection for all your devices along with Web-based management.

NetBackup 7.6 gets tight with VMware

lmearian@computerworld.com (Lucas Mearian) — Mon, 27 Aug 2012 10:02:00 GMT

Symantec today said it has more tightly integrated its flagship NetBackup software with VMware, allowing much of the storage functions to be managed through the vCenter Console.

Kill timer found in Shamoon malware suggests possible connection to Saudi Aramco attack

(Lucian Constantin) — Thu, 23 Aug 2012 17:33:00 GMT

A timer found in the Shamoon cyber-sabotage malware discovered last week matches the exact time and date when a hacktivist group claims to have disabled thousands of computers from the network of Saudi Aramco, the national oil company of Saudi Arabia.

Crisis malware infects VMware virtual machines, researchers say

(Lucian Constantin) — Tue, 21 Aug 2012 17:05:00 GMT

The Windows version of Crisis, a piece of malware discovered in July, is capable of infecting VMware virtual machine images, Windows Mobile devices and removable USB drives, according to researchers from antivirus vendor Symantec.

Shamoon malware cripples Windows PCs to cover tracks

gkeizer@computerworld.com (Gregg Keizer) — Fri, 17 Aug 2012 16:39:00 GMT

A new Trojan horse tries to covers its tracks by crippling the victim's computer after stealing data, a security researcher said today.

Violin to bring deduplication, replication, other tools to all-flash storage arrays

(Stephen Lawson) — Mon, 13 Aug 2012 19:04:00 GMT

Violin Memory plans to add deduplication, thin provisioning, snapshots and other features in a software update for its all-flash storage arrays, in a bid to match some key features that enterprises are used to getting in disk-based platforms.

Software vendors reach out to users who resist upgrades

gkeizer@computerworld.com (Gregg Keizer) — Mon, 13 Aug 2012 10:00:00 GMT

Several major software companies, including Microsoft and Symantec, kicked off an initiative called International Technology Upgrade Week to persuade customers to keep their code current.

Shylock malware injects rogue phone numbers in online banking websites

(Lucian Constantin) — Wed, 08 Aug 2012 15:31:00 GMT

New configurations of the Shylock financial malware inject attacker-controlled phone numbers into the contact pages of online banking websites, according to security researchers from antivirus vendor Symantec.

New Mac Trojan hints at ties to high-priced commercial hacking toolkit

gkeizer@computerworld.com (Gregg Keizer) — Fri, 27 Jul 2012 17:37:00 GMT

French security firm Intego discovered a new Mac Trojan horse this week that is being used to target specific individuals.

Symantec president and CEO replaced by company's chairman

(Loek Essers, John Ribeiro) — Wed, 25 Jul 2012 15:55:00 GMT

Security software vendor Symantec said that Enrique Salem, its president and chief executive officer, had stepped down immediately after the company reported that its revenue for the quarter ended June 29 grew 1% year-over-year to $1.7 billion.