Tag Archives: symantec

Corrupt IPS Definition Package Affects 32-bit Internet Explorer

Please be aware that installing a corrupt IPS definition package has been confirmed to cause problems in 32-bit versions of Internet Explorer. Symantec has released a corrected definition package that addresses this issue through its LiveUpdate servers.

Corrupt IPS definition package impacted Internet Explorer 11

Symantec is warning that our IPS 20150220.001 definition package was causing Internet Explorer 11 to crash. We have released a fix for this issue through our LiveUpdate servers.

Symantec to Pre-Verify Applicants on .bank and .insurance gTLDs

a fundamental shift in the Internet landscape


As recently announced, fTLD Registry Services has partnered with Symantec to verify applicants before domain names are approved in the new .bank and .insurance generic Top-Level Domains (gTLDs).  So what does this truly mean?  Ultimately, it offers a form of brand protection for .bank and .insurance in this new era of the Internet. 


July 2013 through February 2014 marked the second major landrush for addresses on the Internet.  Companies from around the world applied to ICANN to operate nearly any gTLD they could think of (namely common search terms).  For example, we have applied to operate .symantec and .norton.  With the new gTLDs as options for website developers, there are increasing risks to end-users who may confuse spoofed destinations with their real counterparts.  For instance, let’s say ChelmoBank.com was a real address with millions of customers visiting daily.  Without pre-verification there would be little stopping a hacker from creating ChelmoBank.uk or Chelmobank.shop to confuse my customers and funnel them into a phishing scam, as they do with subdomains (e.g., ChelmoBank.example.com).  fTLD Registry Services recognizes this and is acting as the responsible operator of this new portion of the Internet.  Fundamentally, this is a best practice among gTLD operators.  It not only provides better brand protection, but it also enables website owners to go through a majority of the processing for an SSL certificate, which will allow the owners to easily apply for and rapidly install an SSL certificate from Symantec.  At the end of the day this drives value for gTLD operators and allows their new virtual tenants to be seated among other websites which have all been vetted.  Personally, I see this as the equivalent of setting up shop in a shopping mall in an affluent neighborhood.

If other registry service organizations would be interested in doing something similar to what fTLD Registry Services has done, then please email geoffrey_noakes@symantec.com today.

SSL; More than Encryption


While I was doing an online search for “SSL Certificates,” one of the ads said “$4.99, Why Pay More?”  Without clicking on the ad I know what they are going to offer me: a simple domain validated (DV) SSL certificate.  This certificate will encrypt my site’s traffic at a basic level, but this isn’t 1997; the business climate and threat landscape have changed and so have our requirements for security.  SSL is more than encryption.  We have to consider trust, security, service, certificate management and reliability.  While many Certification Authorities are cutting corners to compete with each other on price, Symantec is working around the clock to continually deliver best-in-class solutions.  At Symantec we believe in these core factors, as do 91% of the Fortune 500 and 94 of the top 100 financial institutions in the world.  Here’s why:

1. Increased End-Consumer Trust

  • Trust Seal — Trust seals suggest that websites are safe to interact with.  The Norton Secured Seal has been shown through independent research to be the most recognized trust seal on the Internet.  Offered only by Symantec, it is seen about 4 billion times per month on websites all around the world.  The seal assures visitors that they are communicating with organizations that not only encrypt their traffic but also are legitimate organizations that have gone through Symantec’s strong authentication screening as well.
  • Visual Cue — The “Green Bar” also represents that a site is trustworthy.  With Symantec EV Certificates, browsers will change the color of the address bar to green, serving as a cue for safe interaction.  DV certificates won’t provide a visual cue to website visitors.

 

2. Stronger Business Authentication and Website Security

  • Authentication — With every Symantec certificate, Symantec performs strong authentication to ensure that a website visitor can trust who they are communicating with.  Security-minded organizations realize that encryption alone is not enough and require, as a matter of policy, that all certificates issued for their organization have strong authentication.  On the other hand, domain validated certificates, like those that Let’s Encrypt intends to offer, will only provide encryption of data.   Thus, they will not prevent a credit card number or password from going to an encrypted website that may be fraudulent.
  • Scanning and Alerts — Symantec products also secure customer websites with scanning for critical vulnerabilities and active malware.  Symantec proactively notifies customers about security risks within a customer’s unique environment and provides guidance to ensure that such issues are quickly and easily resolved. 

 

3. Simplified Certificate Management and Live Worldwide Support

  • Management Tools — Symantec enables customers to track and manage large volumes of certificates with a wide range of tools.  Organizations are often burdened with the complexity of managing a variety of SSL certificates that may include self-signed certificates, client certificates or SSL certificates that chain up to public roots.
  • Accessible Technical Support — Symantec provides 24/7/365 support worldwide to ensure that customers’ sites stay up and running and secure, with an optional premium support that includes SLAs on problem escalation and resolution.  This is a critical component for organizations that need to ensure that their website operations remain.  A free offering like Let’s Encrypt rarely comes with any form of live support.

 

4. Powerful Technical Capabilities and Advanced Options

  • Client Ubiquity — As the longest operating Certification Authority, Symantec’s roots are in more clients than any other Certification Authority.  Organizations that want to support Always on SSL and connectivity with the greatest number of users choose Symantec to secure their transactions.
  • Advanced Certificate Options — Symantec Secure Site Pro products include both RSA 2048 bit certificates and ECC 256 bit certificates which are optimal within Perfect Forward Secrecy.  These high security, high performance certificates are the future of SSL/TLS encryption and Symantec’s ECC roots are in more clients than any other Certification Authority.
  • Best in Class Revocation — Symantec provides revocation information to clients through both the Online Certificate Status Protocol (OCSP) and Certificate Revocation Lists (CRLs).  Both of these services are updated continually to communicate certificate revocation activity to clients worldwide.  The services are tuned to provide the fastest response times possible.   In the case of websites, OCSP response times can impact page load times and Symantec has invested in its infrastructure to provide OCSP responses in about 50 milliseconds for almost every major region in the world.  

 

5. Reliable Security and Business Assurances

  • Warranties — Symantec offers the highest warranties of any Certification Authority.  These warranties can cover customers for losses of up to $1,750,000 from incorrect information contained on Symantec certificates.
  • Military-Grade Data Centers — Symantec’s roots and signing services are protected by the most stringent physical, network, and logical security and process controls.   The hardened facilities provide our customers with confidence that certificate issuance for their domains will not be compromised.  With ten years of continuous uptime, Symantec’s robust continuity practices are the best in the industry.
  • Contractual Commitments — Symantec customers have a contractual commitment from Symantec to maintain their products for the term of their contract.  For Let’s Encrypt, as a non-profit, open-source Certification Authority, it will be difficult to offer such contractual guarantees, given the significant expenses associated with operating a publicly audited Certification Authority.
  • Focused investment – As the world’s largest security company, Symantec has both the resources and the motivation to ensure that our SSL products are uncompromised.  Vulnerabilities like Heartbleed have clearly demonstrated that, despite the good intentions of OpenSSL, a non-profit organization with limited resources will be challenged to keep up with the rapidly-changing security threat landscape.

 

Modern Security for Modern Needs

Companies that know security understand they need to use modern-day security solutions in today’s environment and that SSL is more than just simple encryption. Please keep all of these factors in mind as you are building out your webserver security plans. For more information on Symantec SSL, please visit our website.

The death of Antivirus has been greatly exaggerated

“Antivirus, as customers know it, incorporates firewalls, intrusion detection, heuristics, virtualization, sandboxes, and many other layers of protection and not just antivirus. It is far from dead.” ~Vince Steckler, CEO   A weekend article in the Wall Street Journal in which traditional antivirus vendor, Symantec, described its new business strategy and declared that antivirus software […]

2014 Internet Security Threat Report: The Year of the Mega Data Breach


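Once again, it is time to present the Internet Security Threat Report (ISTR) (in English), which shares Symantec's latest research findings. Based on Symantec's research and analysis over the past year, it examines the current state of the global threat landscape. The major trends covered in this year's report include a sharp increase in data breaches and targeted attacks, the evolution of mobile malware and ransomware, and the potential threat posed by the Internet of Things. Each of these themes is examined in more detail below.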

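The year of the mega data breach
2011 was called the “Year of the Data Breach,” but data breaches in 2013 far exceeded the scale of previous years. In 2013, the number of data breaches rose 62% from 2012, and the number of identities exposed reached 552 million, an increase of 368%. It was also the first year in which each of the top eight data breaches exposed more than 10 million identities, making it truly the year of the “mega” data breach. In the previous year, 2012, only one data breach was of that scale.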

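Attackers set their sights on medium-sized businesses
If you have read our previous reports, you will know that small and medium-sized businesses (SMBs) are a main target for attackers. That trend did not change this year. In 2013, SMBs as a whole accounted for more than half of targeted attacks, reaching 61% (50% in 2012), with attacks on medium-sized businesses (2,500 or more employees) showing the largest increase.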

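Attacks against businesses of all sizes also nearly doubled, up 91% from 2012. As in the previous year, cybercriminals used watering hole attacks and spear phishing to raise the success rate of their attacks, but because the share of attack activity that relies on email has fallen, spear-phishing attacks decreased by 23%. Meanwhile, watering hole attacks led to more attacks through drive-by downloads, with attackers lying in wait for users on the websites their targets visit frequently. A 61% increase in zero-day vulnerabilities also helped attackers, because by exploiting zero-day vulnerabilities they can set up on sites that are not properly patched and infect victims' environments with little or no extra effort.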

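Government remained the most targeted industry (16% of all attacks). This year's report looks not only at the volume of attacks but also at who is preferred as a target and what the odds of being selected are. The bad news is that no one has favorable odds, and everyone must be prepared for targeted attacks. However, examining those odds also revealed some surprises. It is unfortunate news for anyone working as a personal assistant at a medium-sized mining company: you are in the “most targeted” line of work.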

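Mobile malware and madware invade consumers' privacy
Many people download new apps to their mobile devices without much thought, but many malicious apps have highly annoying or unwanted capabilities. Of the new malware created in 2013, 33% tracked users and 20% collected data from compromised devices. 2013 was also the first year in which remote access toolkits (RATs) for Android devices began to appear. A RAT running on a device can monitor and make phone calls, send and receive SMS messages, obtain the device's GPS coordinates, enable and use the camera and microphone, and access files stored on the device. The victim, of course, neither knows about this nor has consented to it.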

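Ransomware grows explosively and becomes even more vicious
As Symantec previously predicted, ransomware (malicious software that locks computers and files) surged in 2013. In addition to showing explosive growth of 500% over the past year, it has become a very lucrative business for attackers, bringing in $100 to $500 for each successful ransom payment. Attacks have also become more vicious, for example holding data hostage with advanced encryption and threatening to erase it permanently unless the ransom is paid by a set deadline.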

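The Internet of Things holds the future of identity theft
Which was hacked in the past year: a refrigerator or a baby monitor? When customers are asked this question, many answer “both,” but the correct answer is the baby monitor. Whatever may have been reported in the news, an Internet-connected refrigerator has not yet actually been attacked. But that is only “not yet.” In 2013, security researchers demonstrated that attacks against cars, security cameras, televisions, and medical equipment are all possible. The refrigerator may be next. The Internet of Things (IoT) is in the middle of its growth, and related threats will certainly follow. This year's report covers what has been learned so far, and there is agreement that the Internet-connected device at greatest risk of attack is the home router.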

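What happens next? Because IoT devices store personal information and details such as bank accounts, it is only a matter of time before a refrigerator is actually hacked. For now, security is secondary for both manufacturers and users of IoT devices. It may not be taken seriously until a serious security incident occurs, but by starting to consider the potential security risks now, we can be fully prepared when the time comes. Start by reading this year's ISTR.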

For details, see the Internet Security Threat Report, Vol. 19 (in English).

 


The 2013 Internet Security Threat Report: Year of the Mega Data Breach


Once again, it’s time to reveal the latest findings from our Internet Security Threat Report (ISTR), which looks at the current state of the threat landscape, based on our research and analysis from the past year. Key trends from this year’s report include the large increase in data breaches and targeted attacks, the evolution of mobile malware and ransomware, and the potential threat posed by the Internet of Things. We’ll explore each of these topics in greater detail below.

The year of the mega data breach
While 2011 was hailed by many as the “Year of the Data Breach,” breaches in 2013 far surpassed previous years in size and scale. For 2013, we found the number of data breaches grew 62 percent from 2012, translating to more than 552 million identities exposed last year – an increase of 368 percent. This was also the first year that the top eight data breaches each resulted in the loss of tens of millions of identities – making it truly the year of the “mega” data breach. By comparison, only one data breach in 2012 reached that distinction.

Attackers set their sights on medium-sized businesses
If you’ve been following our reports, you know that small and medium-sized businesses (SMBs) are a key target for attackers, and this year proved no exception to the trend. In 2013, SMBs collectively made up more than half of all targeted attacks at 61 percent – up from 50 percent in 2012 – with medium-sized (2,500+ employees) businesses seeing the largest increase.

Attacks against businesses of all sizes grew, with an overall increase of 91 percent from 2012. Similar to last year, cybercriminals deployed watering hole attacks and spear-phishing to increase the efficiency of their campaigns. However, spear-phishing campaigns were down 23 percent, with cybercriminals relying less on emails to carry out their attack campaigns. Watering hole attacks allowed the bad guys to run more campaigns through drive-by-downloads, targeting victims at the websites they frequently visit. Efforts were also aided by a 61 percent increase in zero-day vulnerabilities, which allowed attackers to set up on poorly patched sites and infect their victims with little or no additional effort required. 

Government remained the most targeted industry (16 percent of all attacks). This year we looked not only at the volume of attacks but also at who the preferred targets are and what the odds are of being singled out. The bad news is that no one faces favorable odds and we all need to be concerned about targeted attacks. However, looking at the odds produced some surprises. If you’re a personal assistant working at a mid-sized mining company, I have bad news for you – you topped the “most wanted” list for attackers.

Mobile malware and madware invades consumers’ privacy
While many people download new apps to their mobile devices without a second thought, many malicious apps contain highly annoying or unwanted capabilities. Of the new malware threats written in 2013, 33 percent tracked users and 20 percent collected data from infected devices. 2013 also saw the first remote access toolkits (or RATs) begin to appear for Android devices. When running on a device, these RATs can monitor and make phone calls, read and send SMS messages, get the device’s GPS coordinates, activate and use the camera and microphone and access files stored on the device – all without the knowledge or consent of the victim.

Ransomware growth explodes and turns even more vicious 
As we had previously predicted, ransomware, the malicious software that locks computers and files, grew rapidly in 2013. Ransomware saw an explosive 500 percent growth over last year and remained a highly profitable enterprise for the bad guys, netting $100 to $500 USD for each successful ransom payment. We also saw attackers become more vicious by holding data hostage through high-end encryption and threatening to delete the information forever if the fee was not paid within the given time limit.

The future of identity theft: The Internet of Things
Which of these things have been hacked in the past year: a refrigerator or a baby monitor? When I ask customers this question, they often reply, “Both.” The correct answer is the baby monitor. Despite what you may have heard on the news, Internet connected refrigerators have yet to be attacked. But never say never. Security researchers in 2013 demonstrated that attacks against cars, security cameras, televisions and medical equipment are all possible. The refrigerator’s time will come. The Internet of Things (IoT) is on its way and related threats are sure to follow. In this year’s report, we talk about what we’ve seen so far, and the consensus is that the Internet connected device at most risk of attack today is the home router.

What comes next? With personal details and financial information being stored on IoT devices, it’s only a matter of time before we find a true case of a refrigerator being hacked. Right now, security is an afterthought for most manufacturers and users of these devices, and it will likely take a major security incident before it is seriously considered. However, by starting the conversation now about the potential security risks, we will be that much more prepared when that day comes. This year’s ISTR starts the conversation. 

For more details, check out the complete Internet Security Threat Report, Vol. 19.