Home Tags Symantec

Tag: Symantec

Google Project Zero reveals flaws in Symantec-Norton Antivirus Software

Google Project Zero reveals flaws in antivirus

Are you using Symantec or Norton Antivirus? Then your PC, Tab or another device may be vulnerable to hacking. Yes, you heard it right. According to Google’s Project Zero report, there are many flaws in these Anti-virus softwares which might help hackers to steal your data.

The United States Department of Homeland Security has issued an alert warning “Symantec and Norton-branded antivirus products contain multiple vulnerabilities. Some of these commodities are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. Update now.”

According to Google’s report, they have found holes in Norton Security, Norton 360 and legacy products, Symantec Protection Engine, Symantec Endpoint Protection, Symantec email security,  and Symantec SharePoint server protection and may be more.

Google Acquires Video Publishing Platform ANVATO To Expand Its Cloud

Tavis Ormandy of Project Zero stated in a blog post that “These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In particular cases, on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.”

He added, “As Symantec use the same core engine across their entire product line, all Symantec and Norton-branded antivirus products are affected by these vulnerabilities.”

Responding to the warnings by the tech giant, Symantec said that they need time to rectify those flaws and all the vulnerabilities can’t be fixed until the second half of July.

The company had started the release of patches to cover some of the flaws identified “as bad as it gets” by Project Zero, but patches to secure the fundamental architectural flaws are still some weeks away.

Google’s ‘Now on Tap‘ Update Brings Text Translation, Discover and QR Scan Features

But as far as now Symantec user’s data was liable to suffer from hacking. So, update or patch your anti-virus as early as possible to avoid stealing your information.

Cyber security researchers are recommending sandboxing and a security development lifecycle, to which companies are opposing. Because of this loophole unpackers and emulators continue to be a huge source of vulnerabilities.

Ormandy also said that “Antivirus vendors solve this problem with two solutions. First, they write dedicated unpackers to reverse the operation of the most common packers, and then use emulation to handle less common and custom packers.”

INDIA ranked #3 in Cyber threats globally

cyber security

The advancement of technology has brought many significant changes in the modern world, but, it also creating new problems and threats. One of the major threatening problems is Cyber Security.

The usage of Computer & Internet is a part of our life we cannot imagine our daily routine without them. In countries like India where Digitalization is evolving as a substitute for the traditional methods in both public and private sectors, forming a target for hackers around the world.

According to latest reports of Symantec on cyber security threats, the hackers are moving to efficient methods and techniques to get access to the user’s database. They are also adopting new strategies for increasing the efficiency of their attacks. These cyber criminals are now organizing as groups and recruiting skilled people for working with them. Availability of extensive resources is allowing them to target large business organizations.

British Telecom (BT) is about to recruit 900 professionals for Cybersecurity Business

Tarun Kaura, Director of Solution Product Management for Asia Pacific and Japan, Symantec on revealing the reports of the research conducted had expressed his views on India’s position. When looking at the stats of zero-day vulnerabilities, there’s an enormous hike of 125% from the last year. From the past five years a steady increase in attacks on medium businesses having a maximum of 250 employees.

According to the reports, 430 million new malware variants were discovered last year. Globally losing over half a billion records in the previous year, 2015 was announced as the Year of Mega Breach.

25 Worst Passwords You Should Avoid and 4 Tips to Stay Safe Online

With a hike of 152% in the social media scams majorly done by manual sharing, shows India’s love for social networks. In India 52% attacks were aimed at small businesses whereas only 30 percent are in larger firms. With an average count of 15 attacks per hour, India stands next to China as the second favourite for the Ransomware attacks in Asia.

India ranks 3rd globally as a source of overall malicious activities like spam’s, malware, phishing hosts, and bots. Looking on the positive side a drop in the ranking of spam source from last year helps India to lose its tag of the best source of spam. The rank falls to 18 from being 6th in the year 2014.The trends also state that there is a reduction in the number of spam or malicious emails which are a positive thing but can also see like the hackers can execute their action process even with fewer emails adapting to advanced technologies.

Million job opportunities in India by 2025 in Cyber Security: Nasscom

Cyber security is emerging as a Global threat to both users and organizations some preventive safety measures are to be taken for effective control of such attacks. The active implementation of Two-factor authentication (2FA) may work in case of weak passwords. Having a backup of data can be very useful in case of Ransomware attacks.

Organizations should educate their employees about the primary measures to follow and should take the assistance of third party security providers in case of highly confidential information, which would be a better option to deal with DDOS (Denial Of Distribution of Service) attacks.

Casino Utan Svensk Licens med trustly / bankID 2021