Mobile security has been getting a lot of attention lately, so much in fact that Symantec has come out and said it is working on new software that will keep mobile phones safe from viruses and other forms of malware, news and rumor site Fudzilla reports.
"Symantec tells us it is working with carriers, handset manufacturers, and software vendors to ensure data held in smartphones and the systems they access are not at the mercy of rogue phone apps," Fudzilla says.
While this would be new ground for Symantec, the security firm is said to be using the same algorithm employed by its Norton 360 packages to build a live database of trusted mobile apps. This will be stored in the cloud and open to customization by individual enterprises.
Some 75 percent of organizations have been the target of a successful cyber attack in the past year, suggests a new study by security firm Symantec. According to Symantec's 2010 State of Enterprise Security study, companies on average lose $2 million annually as a result of these attacks.
"Protecting information today is more challenging than ever," said Francis deSouza, senior vice president, Enterprise Security, Symantec Corp. "By putting in place a security blueprint that protects their infrastructure and information, enforces IT policies, and manages systems more efficiently, businesses can increase their competitive edge in today’s information-driven world."
The study also found that 42 percent of organizations rate security their top issue, especially as enterprise security becomes more difficult due to understaffing.
The study represents responses from 2,100 enterprise CIOs, CISOs, and IT manager from 27 countries, Symantec said.
In the lawsuit, Kenneth Elan says he purchased a copy of Norton Antivirus in 2007. According to Elan, Symantec notified him in early 2009 that his software license had been automatically renewed and his credit card charged $76.03. Now Elan is taking Symantec to court, claiming the company did not abide by the above-mentioned settlement, in which Symantec and McAfee agreed to "provide electronics notification to consumers before and after renewal of the subscription."
"Prior to the automatic renewal, defendant failed to offer plaintiff an opportunity to decline to renew the license for another year," the lawsuit alleges. "If plaintiff had notice of an opportunity to decline the automatic renewal, plaintiff would not have renewed the license."
Elan is seeking both a refund and has asked the court to grant the lawsuit class-action status.
Security firm Symantec this week said it has signed a definitive agreement to acquire privately-held Gideon Technologies, a risk management company that should slip nicely into the firm's security portfolio.
"As the U.S. Government continues to make the cyber security of our country’s public and private infrastructures a priority, Symantec will support public sector customers with standards-based solutions that meet their complex compliance requirements with the highest degree of accuracy," said Gigi Schumm, vice president and general manager public sector, Symantec. "As demonstrated by this acquisition, Symantec is committed to SCAP and emerging standards and intends to lead the ongoing advancement of these standards."
Symantec said it plans to integrate its Gideon Technologies' SecureFusion product with the Symantec Management Platform (formerly the Altiris platform) to help flesh out the company's automated situational awareness, continuous compliance, and remediation management offerings.
IT managers have had plenty to complain about ever since the economy took a nosedive and companies starting make cuts, and according to Symantec's "State of the Data Center" report, half of all IT execs surveyed say their data centers are under manned.
"We recently actually lost 25 percent of our departments in cutbacks," one network manager in New York told researchers. "I'm now doing a number of different jobs. I work from home and on the weekends doing things I never had to do before. I am just trying to do more with less. We could use more people, but right now, it doesn't seem to be an option."
Some 16 percent of those surveyed said that their data centers were extremely understaffed, while the other 34 percent said
Y2K is but a distant memory at this point, Y2K10 is not, at least not for Symantec. While there are no forecasts of the end of the world and other gloom and doom scenarios, Symantec did confess that its Endpoint Protection Manager is incorrectly labeling updates issued in 2010 as out-of-date.
"Customers running SEP (Symantec Endpoint Protection) are still protected, and we are continuing to release updated definitions as normal," the company said in a blog post. "However, for the time being, SEP definitions will display a date of December 31, 2009, with increasing revision numbers."
Symantec says the bug affects its Endpoint Protection v11.x product line, EndPoint Protection Small Business Edition v12.x product line, and products which rely on Symantec Endpoint Protection for definition updates ( such as Symantec Mail Security for Microsoft Exchange or Symantec Mail Security for Domino).
The company said it is working on a permanent fix. In the meantime, you can find out more info here.
Internet Explorer users who have yet to upgrade to IE8 should take note. According to security firm Symantec, there's a pretty nasty Zero Day exploit that affects both IE6 and IE7.
"The exploit currently exhibits signs of poor reliability, but we expect that a fully-functional reliable exploit will be available in the near future," Symantec explained in a blog post. "When this happens, attackers will have the abilty to insert the exploit in websites infecting potential visitors."
Security firm Symantec reported revenue of $1.48 billion for its second fiscal quarter, beating out most analysts' expectations, but down 3 percent from the same quarter one year ago. Earnings were also better than expected, which checked in at $294 million, or $0.36 per share.
Symantec attributed the growth to its consumer business and increased IT spending, which bodes well for the company, considering a recent survey by Intuit Payroll suggested that the majority of SMBs have been spending less on security, even as cybercrime continues to rise.
"We're definitely seeing the U.S. market stabilize," Symantec CEO Enrique Salem noted in an interview on Wednesday. "We've seen China and parts of Asia continue to do well, and we're seeing some weakness in western Europe."
While consumer revenue was up 6 percent year-over-year, Symantec may have a tough time pushing its storage products. According to data from research firms IDC and Gartner, server sales were down roughly 30 percent last quarter.
The price of a fake security software program usually hovers between $30 and $100. But the hidden costs seem to be greater. Installing rogue security software can not only wreck the system but it also makes the owner vulnerable to identity theft. Deceptive ads linking to rogue software appear on both malicious and legit sites. Cybercriminals are also using search engine optimization (SEO) and social media tricks to ensnare even more people.
Symantec has published a list of the dirtiest 100 websites. The websites are said to contain around 18,000 threats apiece on an average. However, the average number of threats shoots up to 20,000 for the top 40 websites on the list, which has been compiled by Symantec’s Norton Safe Web service. Aladel.net, a US-based websites, alone houses 56,371 threats.
Although almost half of the websites are expectedly based around mature content, the remaining sites deal with a wide variety of subjects. Viruses dominate the list of threats found on these sites. Security risks and browser exploits are the other common threats found on them. The owners of the websites that figure on the list must be feeling a sense of elation and achievement. As for the rest of us, we now know which sites not to visit.