Nem todas as autoridades de certificação são iguais
Em julho de 2011, uma auditoria interna descobriu uma invasão na infraestrutura da autoridade de certificação (CA) DigiNotar, indicando o comprometimento de suas chaves de criptografia. A violação...
View ArticleTax Time: A Great Time for A Business Checkup
As a small business owner, tax season can be… taxing. Between filing deadlines, issuing important tax documents to employees, and regular warnings from the IRS about scams and phishing attacks meant to...
View ArticleClik here to view.
Mandiant 社のレポートを悪用する標的型攻撃
今週初めに Mandiant 社から公開された「APT1: Exposing One of China's Cyber Espionage Units」と題するレポートは、セキュリティ業界のみならず一般世間においても世界中から注目を浴びています。特に関心が集まっているのは、Comment Crew と呼ばれる特定の攻撃者グループが APT(Advanced Persistent...
View ArticleClik here to view.
How Attackers Steal Private Keys from Digital Certificates
Regular readers of the Symantec blog may sometimes read blogs that mention a fraudulent file that is signed with a valid digital certificate or that an attacker signed their malware with a stolen...
View ArticleClik here to view.
Global Deduplication Myths
Don’t customers hate being misled?I know I do. Sometimes it can be innocent…you know, like maybe the sales person wasn’t as knowledgeable as he/she could’ve been. Or perhaps they were new. In any...
View ArticleNieuwe EU-richtlijn verplicht bedrijven om te rapporteren over...
Op 7 februari stelde de Europese Commissie een nieuwe richtlijn voor inzake cyberbeveiliging. Het wil een Computer Emergency Response Team per lidstaat en een gezamenlijke instelling die cybermisdaad...
View ArticleClik here to view.
Web Application Penetration Test Tricks Part II – Clickjacking
Ready for another cool web application penetration test trick? In this installment we'll cover clickjacking, also known as "UI redressing". Clickjacking is an instance of the classic "confused deputy"...
View ArticleAPT1: Additional Comment Crew Indicators of Compromise
Mandiant recently released a document containing indicators of compromise (IOCs) related to multiple espionage campaigns by a group known as the Comment Crew. Symantec has been actively tracking this...
View ArticleReview: Symantec Backup Exec 2012 Is a Recovery Solution SMBs Can Rely On
Great review from @JasonHolbert at Biztech MagazineReview: Symantec Backup Exec 2012 Is a Recovery Solution SMBs Can Rely OnSmall Business Edition sports a new interface aimed at easing common backup...
View ArticleTop 5 Reasons Why Users Want Administrator Rights
Nobody likes to be restricted in their use of a computer, or think they are being limited because they don’t have administrator rights. Most users do not NEED administrator privileges, they just WANT...
View ArticleTop 5 Reasons Why Users Need Administrator Rights
In the last blog article we discussed the top 5 reasons why users want administrator privileges. In this article we will discuss the top 5 reasons why a user actually NEEDS administrator rights. Here...
View ArticleNexus, eNerds, and 9Spheres Discuss Benefits of Symantec’s SMB Partner Program
APJ partners, Nexus, eNerds, and 9spheres face diverse challenges from their myriad of customers. Though each company has varied customer demands, each company found the confidence, credibility, and...
View ArticleSo what, exactly, is this Backup Exec V-Ray Edition?
In January, the Symantec Partner Communication team hosted its first ever Google+ Hangout. It was a great success and a great way to connect face to face with partners and customers. On February 19, we...
View Articleシマンテックインテリジェンスレポート: 2013 年 1 月
今月のレポートでは、電子メールマルウェアの比率が昨年 12 月以降大幅に低下していることがわかり、今年 1 月はウイルスを含んでいた電子メールは 400 通に 1 通のみでした。これは 2009...
View ArticleClik here to view.
Ichitaro Vulnerability: Another Zero-Day Exploit in the Wild
Contributor: Masaki SuenagaWe have already seen a handful of zero-day vulnerabilities being exploited in the wild this year. These vulnerabilities have affected users globally leaving both individuals...
View ArticleClik here to view.
一太郎の脆弱性: 新たなゼロデイ脆弱性の悪用を確認
寄稿: 末長政樹今年に入ってからすでに、ゼロデイ脆弱性の悪用がいくつか確認されています。これらの脆弱性は全世界のユーザーに影響を及ぼしており、個人も組織も急いでコンピュータの保護対策を行う必要に迫られています。うんざりするような繰り返しですが、日本語ワープロソフト「一太郎」をお使いのユーザーは、まだ安心するわけにはいかないようです。ジャストシステム社は、現在悪用が確認されている 1...
View ArticleSEP 11.x Documentation - Release Notes and Fixes
Release Notes for SEP 11.x reaching back to SEP 11 RU5 - PDF documents for download.The fix notes are based on the Article: http://www.symantec.com/docs/TECH103087 - here split into .pdf documents...
View ArticleMobile World congress: first day impressions with an Asia perspective
Day 2 has started and all the impressions from Day 1 are being gathered and processed. Asia has a huge representation and yesterday I met Japanese, Chinese and Koreans every two meters in the...
View ArticleClik here to view.
デジタル証明書から秘密鍵を盗み出す攻撃者の手口
いつもシマンテックのブログをお読みいただいていれば、有効なデジタル証明書を使って署名された不正ファイルや、盗み出したデジタル証明書を使って署名されたマルウェアについての記事を何度かご覧になったことがあるでしょう。マルウェア史上最も悪名高いと言っていい...
View ArticleClik here to view.
国際女性デーを狙うロシア語のスパム
2 月は短い月ですが、興味をそそるスパムの材料には事欠かないようです。バレンタインデーとそれを悪用する脅威は過ぎ去りましたが、今度は 3 月 8...
View Article