As 2009 turned into 2010, users of Symantec's Endpoint Protection Manager ran into trouble with updates for the program, as any patches released after the end of 2009 were misidentified as being out-of-date.
The company quickly released a series of stop-gap patches, which work around the problem by giving their release date as December 31, 2009, but no full solution has yet been released by Symantec, though The Register reports that programmers there are working "around the clock " to issue a fix.
Several other large security companies suffered from similar "Y2K10"-related issues, including Cisco and Apache. Datamation reports that German bank customers have encountered problems using their debit or credit cards due to the date-related glitches, and users of Apache's SpamAssassin email filtering system will see most of their 2010-dated email stopped as spam until the issue can be resolved. (The company recently released both a workaround and a patch to fix the problem.)
Some experts have said that the 2010-related problems outstripped the more famous "Y2K" glitches, which notoriously failed to cause the kind of widespread confusion that many predicted.
Tag Archives: Symantec
Symantec endpoint protection suffers from updating issue
Filed under Security News
Tagged as encpoint, outdated, patches, protection, SEP, Symantec, The Register, Updates
Tagged as encpoint, outdated, patches, protection, SEP, Symantec, The Register, Updates
New zero-day flaw discovered in older versions of Internet Explorer
Filed under Security News
Tagged as exploit, flaw, IE, javascript, malware, Symantec, vulnerability, zero-day
Tagged as exploit, flaw, IE, javascript, malware, Symantec, vulnerability, zero-day
Security researchers at Symantec report that new malware has targeted a memory corruption vulnerability in Internet Explorer 6 and 7, which carries the potential for system crashes or malicious redirects.
The company revealed the vulnerability in a blog post over the weekend, saying that, while the current iteration of the malware showed "signs of poor reliability," they expect well-written exploit code to hit the internet in "the near future." The Javascript-based exploit - which the researchers have dubbed Bloodhound.Exploit.129 - requires prospective victims to visit an infected website.
As usual, the best way to avoid being infected by this malware is to ensure that all of the latest security patches and updates have been applied. Symantec recommends disabling Javascript and only visiting trusted websites until Microsoft can release a bugfix for the vulnerability.
Though long since superseded by Internet Explorer 8, Internet Explorer 6 and 7 are still widely used by some enterprise consumers for reasons of compatibility and familiarity. Experts recommend upgrading to the latest version and keeping all software patched.
The company revealed the vulnerability in a blog post over the weekend, saying that, while the current iteration of the malware showed "signs of poor reliability," they expect well-written exploit code to hit the internet in "the near future." The Javascript-based exploit - which the researchers have dubbed Bloodhound.Exploit.129 - requires prospective victims to visit an infected website.
As usual, the best way to avoid being infected by this malware is to ensure that all of the latest security patches and updates have been applied. Symantec recommends disabling Javascript and only visiting trusted websites until Microsoft can release a bugfix for the vulnerability.
Though long since superseded by Internet Explorer 8, Internet Explorer 6 and 7 are still widely used by some enterprise consumers for reasons of compatibility and familiarity. Experts recommend upgrading to the latest version and keeping all software patched.
Security flaw in Adobe Flash exploited by Trojan malware
Security researchers at Symantec have identified a critical vulnerability in Adobe Flash that allows an attacker to infect PCs with Trojan malware upon opening a malicious Adobe Acrobat PDF file. Adobe acknowledged the flaw and said it is working on releasing a fix by July 30.
The Flash vulnerability affects current versions of Flash Player for Windows, Mac and Linux operating systems and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX, Adobe's security response team said on its blog.
Deleting, renaming or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat v9.x mitigates the threat for those products, but users will experience a crash or error message when opening a PDF that contains SWF content, Adobe said.
Symantec warned Wednesday that the Flash bug is serious because of the widespread use of Flash across operating systems and products.
Whereas most vulnerabilities only affect one web browser or software product, Flash exists in all popular browsers and is also available in PDF documents.
"[T]herefore, the threat posed by this issue is not to be taken lightly," Symantec warned on its blog.
The Flash vulnerability affects current versions of Flash Player for Windows, Mac and Linux operating systems and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX, Adobe's security response team said on its blog.
Deleting, renaming or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat v9.x mitigates the threat for those products, but users will experience a crash or error message when opening a PDF that contains SWF content, Adobe said.
Symantec warned Wednesday that the Flash bug is serious because of the widespread use of Flash across operating systems and products.
Whereas most vulnerabilities only affect one web browser or software product, Flash exists in all popular browsers and is also available in PDF documents.
"[T]herefore, the threat posed by this issue is not to be taken lightly," Symantec warned on its blog.
Gmail adds anti-phishing key icon for PayPal, eBay emails
Filed under Security News
Tagged as anti-phishing, Brad Taylor, czar, eBay, Gmail, Google, PayPal, spam, Symantec
Tagged as anti-phishing, Brad Taylor, czar, eBay, Gmail, Google, PayPal, spam, Symantec
Google announced on its Gmail blog that users can get visual verification of the authenticity of emails from PayPal and eBay by turning on the authentication icon from the Labs tab under settings. Doing so attaches an icon that looks like a key to emails from these verified senders.
Gmail spam czar Brad Taylor said in the post that Google added extra protection last year for PayPal and eBay emails due to the high volume of phishing attacks targeting online payments from these services.
"We do that by looking at the 'From' header and when it says 'ebay.com' for example, it means it really did come from ebay.com. Anything else is rejected; it won't even appear in your spam folder because Gmail won't accept it," Taylor wrote.
With the addition of the key icon, Gmail users get the visual confirmation that the emails have been verified as "super-trustworthy," Taylor said.
The anti-phishing verification is limited to just eBay and PayPal right now, but Google hopes to add more senders to the pool of super-trustworthy email.
In antivirus vendor Symantec's July State of Phishing report, the company said phishing attacks increased by 21 percent in June, with 80 percent of phishing websites targeting the financial sector.
Gmail spam czar Brad Taylor said in the post that Google added extra protection last year for PayPal and eBay emails due to the high volume of phishing attacks targeting online payments from these services.
"We do that by looking at the 'From' header and when it says 'ebay.com' for example, it means it really did come from ebay.com. Anything else is rejected; it won't even appear in your spam folder because Gmail won't accept it," Taylor wrote.
With the addition of the key icon, Gmail users get the visual confirmation that the emails have been verified as "super-trustworthy," Taylor said.
The anti-phishing verification is limited to just eBay and PayPal right now, but Google hopes to add more senders to the pool of super-trustworthy email.
In antivirus vendor Symantec's July State of Phishing report, the company said phishing attacks increased by 21 percent in June, with 80 percent of phishing websites targeting the financial sector.
Phishing attacks rose 21 percent in June
Spam email used to lure recipients into disclosing personal data such as credit card numbers - called phishing - rose by 21 percent in the month of June, according to web security firm Symantec. The United States remained the top hosting country of the attacks.
In the antivirus vendor's July State of Phishing report, Symantec said 38 percent of phishing websites in the month of June were generated using automated phishing toolkits.
Brands targeted by cyber-scammers were mainly in the financial sector (80 percent). Unique phishing websites accounted for 62 percent of all attacks, targeting 208 known brands. Unique sites rose 27 percent in June.
"The increase was likely a result of phishers evading the phishing mitigation tactics of several web hosting companies to their benefit" and an overall increase in the volume of phishing activity in June, the report said.
Symantec observed a spike in phishing websites using free web-hosting services, surging up 96 percent to account for 10 percent of all phishing sites.
Phishing emails were circulating last month that appeared to come from Microsoft and asked recipients to reconfigure their Outlook account by clicking on a link to a website where users are asked to fill in their account information.
In the antivirus vendor's July State of Phishing report, Symantec said 38 percent of phishing websites in the month of June were generated using automated phishing toolkits.
Brands targeted by cyber-scammers were mainly in the financial sector (80 percent). Unique phishing websites accounted for 62 percent of all attacks, targeting 208 known brands. Unique sites rose 27 percent in June.
"The increase was likely a result of phishers evading the phishing mitigation tactics of several web hosting companies to their benefit" and an overall increase in the volume of phishing activity in June, the report said.
Symantec observed a spike in phishing websites using free web-hosting services, surging up 96 percent to account for 10 percent of all phishing sites.
Phishing emails were circulating last month that appeared to come from Microsoft and asked recipients to reconfigure their Outlook account by clicking on a link to a website where users are asked to fill in their account information.
Michael Jackson spam email proliferates, spreads viruses
Surging popular interest in the wake of Michael Jackson's death last week has set off a bonanza of related spam email, some of which contains malicious links, viruses and scams designed to ensnare curious recipients.
Web security firm Symantec said in a blog post Wednesday that spammers have largely abandoned Fourth of July-themed spam that typically picks up around the holiday weekend, likely because Jackson's death continues to drive web traffic like nothing else.
"Surprisingly, it looks as if spammers are less passionate about spawning Independence Day spam this year. The probable reason for this neutrality could be the spam spike related to the death of pop star Michael Jackson," Symantec researcher Samir Patil said in the post.
Malware disguised as YouTube videos and other files purporting to contain missing Jackson songs and photos have been reported.
Scams have also proliferated, including one claiming to come from a concert ticket office based in London that requests the recipient's information for ticket reimbursement, information that could be used for identity theft and fraud, Symantec reported.
IT security firm Sophos also spotted malware in Jackson-related email, including one from a phony Italian YouTube site that asks users to download an update to their Flash player that executes the Trojan malware ZBot.
Web security firm Symantec said in a blog post Wednesday that spammers have largely abandoned Fourth of July-themed spam that typically picks up around the holiday weekend, likely because Jackson's death continues to drive web traffic like nothing else.
"Surprisingly, it looks as if spammers are less passionate about spawning Independence Day spam this year. The probable reason for this neutrality could be the spam spike related to the death of pop star Michael Jackson," Symantec researcher Samir Patil said in the post.
Malware disguised as YouTube videos and other files purporting to contain missing Jackson songs and photos have been reported.
Scams have also proliferated, including one claiming to come from a concert ticket office based in London that requests the recipient's information for ticket reimbursement, information that could be used for identity theft and fraud, Symantec reported.
IT security firm Sophos also spotted malware in Jackson-related email, including one from a phony Italian YouTube site that asks users to download an update to their Flash player that executes the Trojan malware ZBot.
Fake Twitter invites spreading email worm
Filed under Security News
Tagged as adobe, e-card, micro-blogging site, researcher, Sammy Chu, social networking users, social networks, spoof site, Symantec, Twitter, YouTube
Tagged as adobe, e-card, micro-blogging site, researcher, Sammy Chu, social networking users, social networks, spoof site, Symantec, Twitter, YouTube
Spam emails that appear to be invitations to join the micro-blogging site Twitter have been spreading a mass email worm that can steal email addresses from a user's PC. Symantec reported last week that the fake invites can be spotted because legitimate invites contain a URL link in the body.
Instead, the user will see an attachment that appears as a .zip file that purportedly contains an invitation card. The file is actually a malicious attachment known as the Ackantta worm, which gathers email addresses from infected computers and spreads by copying itself to removable drives and shared folders, Symantec said.
"As Twitter continues to gain popularity among social networking users, people are regularly receiving invitations and email updates from fellow users," Symantec researcher Sammy Chu said in a blog last week. "We expect that spammers will continue to use Twitter and other popular social networks as bait in their attacks."
Symantec had spotted an e-card virus attack in February that was used to spread the same Ackantta worm.
Twitter's booming popularity has also made it a growing target of phishing attacks and other types of spam.
Earlier this month, researchers spotted messages on Twitter that directed users to go to a YouTube spoof site to see a "best video." Users who visited the site could have had their PCs infected through vulnerable versions of Adobe Reader.
Instead, the user will see an attachment that appears as a .zip file that purportedly contains an invitation card. The file is actually a malicious attachment known as the Ackantta worm, which gathers email addresses from infected computers and spreads by copying itself to removable drives and shared folders, Symantec said.
"As Twitter continues to gain popularity among social networking users, people are regularly receiving invitations and email updates from fellow users," Symantec researcher Sammy Chu said in a blog last week. "We expect that spammers will continue to use Twitter and other popular social networks as bait in their attacks."
Symantec had spotted an e-card virus attack in February that was used to spread the same Ackantta worm.
Twitter's booming popularity has also made it a growing target of phishing attacks and other types of spam.
Earlier this month, researchers spotted messages on Twitter that directed users to go to a YouTube spoof site to see a "best video." Users who visited the site could have had their PCs infected through vulnerable versions of Adobe Reader.
IT security software spending up 19 percent last year
Filed under Security News
Tagged as Gartner, market leader, principal research analyst, Ruggero Contu, secure web gateway markets, security software, security software market, Symantec, USD
Tagged as Gartner, market leader, principal research analyst, Ruggero Contu, secure web gateway markets, security software, security software market, Symantec, USD
Global spending on IT security grew 18.6 percent to $13.5 billion in 2008, according to a report from Gartner. Analysts said demand for appliance-based products led growth in spending, particularly within email security and secure web gateway markets.
Although Symantec continued to be the market leader, accounting for 22 percent of worldwide security software in 2008, the company's market share was down from 24.4 percent of the market in 2007. McAfee experienced the strongest growth rate among the top five vendors.
The combined top five vendors' market share is gradually falling in favor of smaller players, Gartner said.
"During times of economic uncertainty and budget restrictions, IT security leaders increasingly need to show business value and cost-effectiveness for security measures, and this has impacted and slowed sales cycles," said Ruggero Contu, principal research analyst at Gartner.
Contu said software as a service (SaaS) and host-based offerings and expected increasing interest from the small and midsize business (SMB) sector will sustain growth in the market in 2009.
Gartner predicts that the security software market will show signs of slowdown but will continue to grow at around 9 percent.
Although Symantec continued to be the market leader, accounting for 22 percent of worldwide security software in 2008, the company's market share was down from 24.4 percent of the market in 2007. McAfee experienced the strongest growth rate among the top five vendors.
The combined top five vendors' market share is gradually falling in favor of smaller players, Gartner said.
"During times of economic uncertainty and budget restrictions, IT security leaders increasingly need to show business value and cost-effectiveness for security measures, and this has impacted and slowed sales cycles," said Ruggero Contu, principal research analyst at Gartner.
Contu said software as a service (SaaS) and host-based offerings and expected increasing interest from the small and midsize business (SMB) sector will sustain growth in the market in 2009.
Gartner predicts that the security software market will show signs of slowdown but will continue to grow at around 9 percent.
‘Big Brother’ phishing emails spotted
Filed under Security News
Tagged as Big Brother, researcher, Symantec, United Kingdom, VeriSign, Web security researchers
Tagged as Big Brother, researcher, Symantec, United Kingdom, VeriSign, Web security researchers
Cyber-scammers are jumping on the popularity of the UK version of the reality-TV show Big Brother in phishing emails that attempt to get recipients to divulge personal information, according to researchers at security vendor Symantec.
The new season of Big Brother, now in its 10th season on BBC4, began June 4th in the UK. The phishing emails invite recipients to apply to participate in a new version of the show called "Big Brother World" and offers details of how to get cast in the fake program.
The scammers ask recipients to reply with their full name, address, age and telephone number.
As the Symantec researcher observed, "even a casual look at the email reveals several spelling mistakes that start right from the subject line and continue on throughout the message," which should tip off users that it is not an official Big Brother contest.
However, a recent study by web security researchers from VeriSign found that 88 percent of study participants failed to spot spelling mistakes that would have alerted them to a phishing website.
The new season of Big Brother, now in its 10th season on BBC4, began June 4th in the UK. The phishing emails invite recipients to apply to participate in a new version of the show called "Big Brother World" and offers details of how to get cast in the fake program.
The scammers ask recipients to reply with their full name, address, age and telephone number.
As the Symantec researcher observed, "even a casual look at the email reveals several spelling mistakes that start right from the subject line and continue on throughout the message," which should tip off users that it is not an official Big Brother contest.
However, a recent study by web security researchers from VeriSign found that 88 percent of study participants failed to spot spelling mistakes that would have alerted them to a phishing website.