EarthLinkThe Web

https://forums.symantec.com/t5/ISTR/bg-p/istr ISTR Tue, 06 Jan 2009 10:42:36 GMT istr 2009-01-06T10:42:36Z https://forums.symantec.com/t5/ISTR/Symantec-Report-on-the-Underground-Economy-Malicious-Tools/ba-p/368569 The newly released Symantec Report on the Underground Economy discusses a number of topics, including the supply and demand of goods and services that were advertised for sale in the underground economy. This information was gathered by monitoring various IRC channels devoted to the commerce of these good and services. Thu, 27 Nov 2008 13:16:30 GMT https://forums.symantec.com/t5/ISTR/Symantec-Report-on-the-Underground-Economy-Malicious-Tools/ba-p/368569 David McKinney 2008-11-27T13:16:30Z https://forums.symantec.com/t5/ISTR/Symantec-Report-on-the-Underground-Economy-Goods-and-Services/ba-p/368226 The online underground economy has evolved into a full-fledged marketplace where participants advertise and traffic stolen information, provide services to aid in the use of this information, and perform other illegal activities. Like any market-based economy, it is governed by the laws of supply and demand and, given enough Wed, 26 Nov 2008 10:22:03 GMT https://forums.symantec.com/t5/ISTR/Symantec-Report-on-the-Underground-Economy-Goods-and-Services/ba-p/368226 Marika Pauls Laucht 2008-11-26T10:22:03Z https://forums.symantec.com/t5/ISTR/The-Cost-of-Software-Piracy/ba-p/367971 One topic of discussion in the recently released Symantec Report on the Underground Economy is software piracy. Software piracy occurs primarily in two basic forms: physical counterfeiting and file sharing. Counterfeiters create unauthorized physical copies of software intended for sale as legitimate Tue, 25 Nov 2008 12:24:21 GMT https://forums.symantec.com/t5/ISTR/The-Cost-of-Software-Piracy/ba-p/367971 Téo Adams 2008-11-25T12:24:21Z https://forums.symantec.com/t5/ISTR/Symantec-Report-on-the-Underground-Economy-Self-Sustaining/ba-p/367662 Underground economy servers are black market forums used to advertise and traffic stolen information. The information can include government-issued identification numbers such as Social Security numbers, credit card information, bank accounts credentials, personal identification numbers, email address lists, and Mon, 24 Nov 2008 14:42:14 GMT https://forums.symantec.com/t5/ISTR/Symantec-Report-on-the-Underground-Economy-Self-Sustaining/ba-p/367662 M.K. Low 2008-11-24T14:42:14Z https://forums.symantec.com/t5/ISTR/I-d-Buy-That-for-10/ba-p/335402 The costs of most goods are so much higher than they were 30 years ago. Back then, cars were under $10,000 (I remember this because the Price is Right only had four missing digits in their Lucky Seven game). You could feed a family of four for $10 and even Thu, 10 Jul 2008 15:14:29 GMT https://forums.symantec.com/t5/ISTR/I-d-Buy-That-for-10/ba-p/335402 M.K. Low 2008-07-10T15:14:29Z https://forums.symantec.com/t5/ISTR/ISTR-XIII-Phishing-and-Spam-Trends/ba-p/315516 <div></div><div></div><p>Phishing is an attempt by a third party to solicit confidential information from an individual, group, or organization by mimicking (spoofing) a specific, usually well known brand, usually for financial gain. Phishers attempt to trick users into disclosing personal data, such as credit card numbers, online banking credentials, and other sensitive information, which they may then use to commit fraudulent acts.</p><p>During the second half of 2007, the majority of brands targeted by phishing attacks were in the financial services sector, accounting for 80 percent. This is virtually unchanged from the 79 percent reported in the first half of 2007. The financial services sector also accounted for the highest volume of phishing Web sites during this period, at 66 percent, down slightly from 72 percent in the first half of 2007. Since most phishing activity pursues financial gain, successful attacks using brands in this sector are most likely to yield profitable data, such as bank account credentials, making this sector an obvious focus for attacks.</p><p>Symantec observed 87,963 phishing Web site hosts during the second half of 2007. This is an increase of 167 percent from the first half of 2007, when Symantec detected only 32,939 phishing Web site hosts. Between the second half of 2006, when 13,353 phishing Web site hosts were detected, and the second half of 2007, Symantec observed a dramatic increase of 559 percent in phishing Web site hosts.</p><p>There are a number of factors contributing to this increasing trend that Symantec is observing. This includes the growth in availability and adaptability of phishing toolkits that allow phishers to work faster and with greater efficiency, as well as the more prominent use of the <a href="http://news.zdnet.com/2100-1009_22-6222896.html" target="_blank"><span>fast-flux<b><strong>*</strong> </b>communication infrastructure</span></a> in botnets.</p><p>To protect against potential phishing activity, administrators should always follow Symantec best practices as outlined in Appendix A in Volume XIII of the Symantec <em><a href="http://www.symantec.com/business/theme.jsp?themeid=threatreport" target="_blank"><span>Internet Security Threat Report</span></a></em>. Symantec also recommends that organizations educate their end users about phishing. They should also keep their employees notified of the latest phishing attacks and how to avoid falling victim to them, as well as provide a means to report suspected phishing sites.</p><p>For more information on phishing trends, as well as trends in other malicious activity, please see the latest Symantec <em><a href="http://www.symantec.com/business/theme.jsp?themeid=threatreport" target="_blank"><span>Internet Security Threat Report</span></a></em>.</p><p><b><strong>*</strong> </b>Fast-flux basically allows a single URL to resolve to a number of different IP address, or computers, by changing the URL’s DNS mapping rapidly and constantly.</p><div></div><br><br>Message Edited by Joseph Blackbird on <span class="date_text">04-11-2008</span> <span class="time_text">10:55 AM</span> Fri, 11 Apr 2008 17:53:05 GMT https://forums.symantec.com/t5/ISTR/ISTR-XIII-Phishing-and-Spam-Trends/ba-p/315516 Joseph Blackbird 2008-04-11T17:53:05Z https://forums.symantec.com/t5/ISTR/ISTR-XIII-Malicious-Code-Who-Do-You-Trust/ba-p/315324 In late May 2007, the MPack attack kit was first observed in the wild. This kit relied on compromised Web pages to redirect users to an MPack server that attempted to exploit Web browser and plug-in vulnerabilities in order Thu, 10 Apr 2008 22:17:28 GMT https://forums.symantec.com/t5/ISTR/ISTR-XIII-Malicious-Code-Who-Do-You-Trust/ba-p/315324 Marc Fossi 2008-04-10T22:17:28Z https://forums.symantec.com/t5/ISTR/ISTR-XIII-Vulnerability-Highlights/ba-p/314795 With the launch of volume XIII of the Symantec Internet Security Threat Report (ISTR), I’d like to discuss some of the highlights we’ve seen in vulnerability trends for the last six months of 2007. Zero-days Wed, 09 Apr 2008 07:00:00 GMT https://forums.symantec.com/t5/ISTR/ISTR-XIII-Vulnerability-Highlights/ba-p/314795 David McKinney 2008-04-09T07:00:00Z https://forums.symantec.com/t5/ISTR/ISTR-XIII-Attack-Trends-Continue-to-Move-towards-Profit/ba-p/314776 Volume XIII of the Symantec Internet Security Threat Report shows that, on a global scale, overall malicious activity seems to be relatively static, with the countries listed in the top 20 unchanged from the firs Tue, 08 Apr 2008 07:00:00 GMT https://forums.symantec.com/t5/ISTR/ISTR-XIII-Attack-Trends-Continue-to-Move-towards-Profit/ba-p/314776 M.K. Low 2008-04-08T07:00:00Z https://forums.symantec.com/t5/ISTR/Hit-the-beaches-ISTR-XII/ba-p/306230 In a military operation, a beachhead is a point where an attacking force landing by sea reaches a beach and defends it until reinforcements arrive. At this point, the reinforcements will expand the attack. What Mon, 17 Sep 2007 07:00:00 GMT https://forums.symantec.com/t5/ISTR/Hit-the-beaches-ISTR-XII/ba-p/306230 Marc Fossi 2007-09-17T07:00:00Z