Small biz survey: No cybersecurity plans -- no worries. What?

Someone needs to smell the coffee in a big way.

Seventy-seven percent of small- and medium-sized businesses believe that their companies are safe from cyberthreats and yet 83 percent of them have no formal cybersecurity plan. Um, yeah. And that was just one of the contradictions uncovered in a survey of 1,015 small- and medium-sized businesses carried out by the National Cyber Security Alliance and Symantec.

"It's not part of the culture yet," said Michael Kaiser, executive director of the NCSA, who added that he was "a little disheartened that we didn't see substantial … Read more

Symantec: Russian criminals sell Web 'proxy' with backdoors

A black hat Russian operation has served malware to hundreds of thousands of users a year who thought they were signing up for a paid proxy service, Symantec said today.

The security company said in a blog post that it has linked the malware to a cluster of Russian Web sites -- including one called -- that claim to provide proxy access, VPN services, and antivirus scanning. requires users to download what it calls "functional, simple, and convenient" proxy software.

Vikram Thakur, principal manager at Symantec Security Response, told CNET this afternoon that:

What … Read more

Experts: Google's 'Aurora' hackers still at it years later

The hackers behind the cyberespionage attacks on Google and more than 30 other companies three years ago are still going strong and seem to have a steady stream of weapons in their arsenal in the form of rare unpatched vulnerabilities known as zero-days, Symantec researchers said today.

The group has used exploits for four zero-day vulnerabilities in attacks over the past few months against targets across a variety of industries, including energy, aeronautics, and financial, and particularly manufacturers of components sold to defense contractors, the security provider said in a blog post.

"This group is focused on wholesale theft … Read more

As Windows goes touch, Norton goes social

Symantec's annual Norton security suite delivers an interface optimized for Windows 8, but its new features address the mobile and social implications of the era arriving with the new operating system at the end of October.

The new features in Norton Anti-Virus 2013 (download), Norton Internet Security 2013 (download), and Norton 360 2013 (download), aim squarely to cut down on social engineering threats like scams and phishing attacks.

Windows 8 is already gaining a reputation as the safest version of Windows to date, but this doesn't surprise Gerry Egan, Norton's senior product manager. "Each time Microsoft … Read more

Rare peek: Inside Symantec's security fortress

MOUNTAIN VIEW, Calif. -- The journey to the heart of the operation reminded me of the late '60s TV show "Get Smart," where one heavily fortified door leads to another locked entryway followed by more complicated defenses in a seemingly never ending series of entry points requiring PINs, badges, and irises or fingers scans. I balked at the DNA test. Joking. Actually, I was just along for the exclusive tour, flanked by a group of engineers and executives with high-level security clearances.

This is the belly of Symantec's Certificate Authority operations, where the company creates digital certificates … Read more

Symantec CEO Salem ousted for board chairman Bennett

Symantec's CEO Enrique Salem stepped down today after the company's board of directors designated chairman of the board Steve Bennett as the new president and CEO.

This executive switch-over comes as the security software giant reported an abysmal year for revenue -- second-quarter growth was just 1 percent to $1.67 billion, and profits decreased by 10 percent to $172 million, according to Bloomberg.

"Enrique Salem has been a significant contributor during his 19 years' associated with Symantec, including the last three years as CEO," Bennett said in a statement. "While progress has been made … Read more

Symantec antivirus software update crashes some PCs

A recent update to Symantec's antivirus software rendered some Windows-based PCs inoperable, the security software maker disclosed Friday.

An update earlier in the week to Symantec Endpoint Protection 12.1 antivirus software for businesses caused some Windows XP-based computers to crash repeatedly with a "blue screen of death," the company revealed on its Web site.

"On July 11th, 2012 Symantec Security Response started receiving reports of customers experiencing blue screens after applying the July 11th revision 18 definitions," Orla Cox, of Symantec Security Response, wrote in the post. "Machines may continue to blue screen … Read more

Is your printer spewing gibberish? Could be malware

Over the last few weeks, companies around the globe have been reporting that their print servers are emptying paper trays by printing endless pages of meaningless characters. Symantec now says malware may be to blame.

Dubbed Trojan.Milicenso, the malware targets Windows-based computers and can spread through malicious e-mail attachments or visiting Web sites hosting malicious scripts, including fake codecs, Symantec said in a blog post yesterday. It has infected computers primarily in the U.S. and India, but also in Brazil, the U.K. and other countries in Europe and South America.

"Our telemetry data has shown the … Read more

Flame can sabotage computers by deleting files, says Symantec

The infamous Flame virus can delete files from a computer and is likely the cause of a cyberattack against Iran in April, according to new findings.

Flame was originally identified for its ability to steal data and capture information from keystrokes, PC displays, and audio conversations.

But a new component of Flame uncovered by security firm Symantec gives its operators the power to delete important files from compromised computer systems, Symantec researcher Vikram Thakur revealed yesterday.

Such power means that the virus can disrupt critical software and "completely disable operating systems," Reuters reported based on Thakur's findings.… Read more

How attacks on social networks work

SAN FRANCISCO--Symantec detailed some of the dirty secrets of Facebook, Twitter, and Google+ threats at its annual reviewers' workshop here today, and revealed a planned project to protect you from social networking manipulators.

The project from Norton Labs, currently called Norton App Advisor, combines Norton's Safe Web data with social network open API data to provide a safety rating for apps. It aims to prevent malicious apps that prey on your social network activity from collecting data on you and your friends, which Symantec representatives said was a major security concern.

"Social networks have a trust model built … Read more