There has been a lot of coverage in the tech-related blogosphere lately regarding a specific threat called (among other things) Trojan.Gpcoder.F. Once this malware has infected your machine it searches for files on your system that could potentially be important to you (based on the extension of the file) and then encrypts the data using a 1024 bit key (technically it creates an encrypted copy of the file and deletes the original.) Once your data has been encrypted, the malware informs you that your files are being held for ransom along with details on how to buy the decryptor program to...
A recent PCMag.com blog post points out that the fake White House website whitehouse.org (no, I won't link you to it) has been hacked and is serving up malware. Part of the issue here is that many people attempting to go to the government website www.whitehouse.gov will accidentally mistype it as whitehouse.org. This is a specific case of a very real threat.
If you look at the list of the top 500 most popular websites according to Alexa.com. How many of these domain names are easily misspelled or mistyped? There is nothing stopping bad people from registering common typos of popular do...
One of the best parts of my job is not just laying out the strategy for Symantec's Consumer Business, but getting out and telling people where Norton is headed in six months, 12 months, or even two years. Why is this so rewarding? Because we've got a rich and compelling story to tell. We aren’t just talking about security software — we're looking at solving consumer problems in brand new ways. Recently, I've spent some time sharing our vision with some of the key people in our industry. Neil Rubenking at PC Magazine was one of our stops and following our conversation, he put out a compreh...
Jaqcqui Cheng from Ars Technica has a great article today about the latest email scam design to trick people into giving up their personal information (including social security number and mother's maiden name), this time, the email is supposedly from the iTunes store and links to a poorly crafted site. You should check out Robert Vamosi's article on Cnet about this as well.
Okay, so this is really nothing new, we talk about phishing scams all the time. However, like Jacqui writes in her article, this is interesting because Apple users are getting targeted. iTunes is cross platform, lot...
“Whaling”. The term brings up images of Captain Ahab and harpoons. For some folks, “whaling” brings up thoughts of deep-pocketed Vegas high-rollers. Unfortunately, what I’m referring to is a product of today’s online threats. It’s a new phishing scam called “whaling” and its emerged to target the big fish – top-level corporate executives at leading companies and organizations. By doing some easy research up front, phishers can hit those at the top with surprising success because most corporate email conventions are easy to figure out (eg. First initial_last nameatcompanydotcom). These...
Does your security software do any of the following things?
• guard against virus activity before users see the effects of it
• keep hackers from stealing personal information
• prevent the system from becoming a zombie
• thwart phishing attacks from getting people to give away data
• stop malware and spyware from installing themselves
If your answer is yes (and I hope it is!) then your software is using up some amount of the system’s memory in order to keep you safe. Symantec’s mission is to make this protection impact as minimal as possible while st...
I have been out for a bit (conference, two weddings and lots of airports) but I just wanted to post the following video that we did discussing vulnerabilities, specifically the one that happened at CanSec West. Mighty props out to Rob Pegoraro's article that started the discussion in the first place!
Message Edited by jgonzales on 05-09-2008 03:00 PMMessage Edited by mikeromo on 05-15-2008 02:15 PM
I had the pleasure of meeting some of my Symantec Italy colleagues at a recent conference in Vegas, but I had no idea that Lee Majors was part of the team. I was delighted to see that the product development team’s focus on performance has been resonating internationally; here’s a link to a light-hearted video they created to showcase the bionic performance of Norton Internet Security 2008:
Message Edited by jgonzales on 05-21-2008 11:04 PM
As a follow-up to my earlier post this week, I noticed that Walt Mossberg posted today a helpful article and short video clip on "social engineering" that offers several specific tips on avoiding online scams. For example:
1. Never, ever click on a link embedded in an email that appears to come from a financial institution, even if it’s your own bank or brokerage and even if it looks official right down to the logo. The same goes for payment or auction services, like PayPal or eBay (EBAY).
More solid tips are available at Mossberg's All Things Digital site.
I also recommend related post...
Earlier today I came across a CNET blog entry wherein Ina Fried discusses the recent purchase of a refurbished iPod that arrived with a virus on it. Although Ina's article is about an iPod, it reinforces the reality of today's threat landscape: malware can come from anywhere.
As we look at the Genesis of Computer Viruses (see The Art of Computer Virus Research and Defense, by Peter Szor), we can't help but remember the days when the vast majority of personal computer malware spread via physical interaction between computers, usually in the form of floppy disks. These early viruses operat...
I couldn’t tell you the first time I got Rickrolled. By now you’ve heard of it, from Google or the Nightly News to the guy two cubicles down who’s always late to the Internet party. Once, it was a surprise to click on what promised to be an election-year gaffe, a great deal on flash memory, or a review of the best chimichanga in West Los Angeles…only to be treated to that fine young man Rick Astley belting out “Never Gonna Give You Up.”
At first it’s perplexing. Then, perhaps for a nanosecond, amusing. By the time your mother-in-law with the Mac SE and 2400 baud dial-up AOL connection ...
There was a great article in the most recent issue of the Communications of the ACM entitled "The Psychology of Security: Why do good users make bad decisions?"
The main thrust of the article is to shed some light on the psychological process for decision making and how the process manifests itself when users are asked to make security decisions. Armed with this knowledge security software developers can make better decisions regarding what to present to a user and how these choices should be ultimately represented. I took away three key observations from the article:
First, the article po...
As a youngster I was taught to think of history in terms that scream out for marble monuments and epic poetry. College did its best to break me of that tendency, and though I retain some of that boyish awe, I have come to appreciate the humanizing elements of history.
I like to remind myself as summer approaches by watching the musical 1776, about the drafting of the US Declaration of Independence. Aside from the fun it has with history, I also enjoy the lessons it offers for my day job. The play looks beyond the yellowed parchment with the odd penmanship and the huge signature of John...
One of the exciting features of Norton products is their ability to be managed using Norton Account. Norton Account is great because it enables you to have complete control of all of your Norton Product Subscriptions and Keys in one convenient place. From Norton AntiVirus to Norton 360, you can update, view and edit all of their information. I know a lot of users find Norton Account great because it enables you to easily retrieve your product key for re-installation of your Norton product.
Norton Account allows you to log in from any computer in the world and instantly see the Norton ...
One of the most important features of our products is the ability for us to actually update them. The Mac team has been talking a lot about this lately, specifically: how best to keep users up to date without impacting them in any way?
Our updating process actually has quite a few steps:
1 - we launch a process that manages the updating (LiveUpdate)
2 - LiveUpdate checks the LiveUpdate servers (most of the time a Symantec server, but sometimes enterprise customers have a local LiveUpdate server that lives behind the enterprise firewall) and checks to see what updates are actually up there...
You just read an article title like this and think, ugh, more guilt about the clothes I wear, the food I buy, the car I drive. I feel the same way. I wish I could live more like Ed Begley Jr. and less like the Super Consumer I really am. The truth for me, and maybe for you too is that we have to pick a few areas to make new choices in order to help the environment. So maybe a better title is “Baby Steps to Going Green.” Small changes do matter and may be our best shot for lasting behavioral changes.
As I write this, workmen are sweating away in the unseasonably warm April weather (94 deg...
This Blog is dedicated to you - as a past, present or future user of our products. A large team of our product managers, engineering, testers and designers will regularly be posting directly to this blog. Each of us care passionately about security, and share the responsibility to design, develop and test the solutions that protect our customers.
It is my hope that, through this Blog, you will be able to hear directly from the people who are working on the Norton products. Through your feedback, whether it is frustrations, accolades, opinions or ideas about our products, I believe we c...
So, "Norton AntiVirus for Mac" has been around for a long time. Everyone seems to know it (alongside Norton Utilities for Mac, another topic for another time), but I gotta tell you, sometimes I think the name does the software a disservice. I mean, literally, as soon as I even say the name of the product, I inevitably hear, “But I thought Macs don’t get viruses!” Everywhere I get this. I was, no joke, getting a physical with my doctor, and when he was done he asked, “You know, I don’t mean to, well, whatever, but I thought that Macs didn’t get viruses.”Can I at least get my pants on before...
I was surfing through some security news this weekend and ran into an interesting article on SecurityFocus. The article references a report that states that the reported damages from cybercrime and fraud rose by more then 20% from 2006 to 2007.
One interesting piece of information turned up by the report is that while identity theft is the most commonly cited example of cybercrime, other criminal activities like auction fraud are causing greater monetary damage.
This is alarming to me both as a consumer and as a developer of security software. As a consumer if I want to buy something on eB...
I recently explained how the Smart Scheduler feature in Norton 360 works to stay out of your way in deciding when to run tasks. The scheduler is so effective that it's common for users to wonder if we're ever performing scans. Neil Rubenking even noted in his PC Magazine review of Norton 360 that "It's so quiet you might begin to wonder if it's doing anything at all."
We want to shed some light on this for anyone (myself included) who can't resist the urge to dig into how things work. We've created a small widget that shows you everything going on behind the scenes:
You can download it he...
While building the first release of Norton 360 in 2006, we decided we didn't want to use the typical task scheduler so many other products use to run weekly antivirus scans. Remembering to keep your computer on "every Wednesday night at 2am" is a pain, so we set out to build a better wheel.
Norton 360 introduced Symantec's smart task scheduler. The new scheduler doesn't rely on a fixed schedule - instead it works around yours. Basically, Norton 360 is always looking for times that you're away from your desk and uses those opportunities to perform the routine maintenance tasks it needs to k...