Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam. If you have any thoughts for how we can improve the content on these pages, please take a moment to provide some
Most users typically encounter malicious threats as they use their computer to engage in online activities. Symantec is constantly monitoring the threat landscape where our users are likely to spend most of their time online.
The Internet Threat Meter provides a quick visual indicator of how likely each common online activities is likely to encounter some form of threat from a malicious attacker.
Hover over each activity for a short explanation of the current risk level
Click on an activity to visit a page with more detail on that activity and the risk level
On February 15, 2012, Adobe released a patch for a cross-site scripting (XSS) vulnerability that is being exploited in the wild through links in emails (CVE-2011-0767, BID 52040). User interaction is required to click on the malicious link.
Currently there are no widespread outbreaks of malicious code circulating via instant messaging. In the past, however, some malicious code did take advantage of IM. Always use normal security precautions whenever you use IM.
Although attackers often use this medium to distribute trojan applications and malicious code, no high-profile threats are currently affecting the medium. Always use caution when downloading files, especially from sources you don’t know or trust.
Symantec Security Response @ Fri, 10 Feb 2012 22:50:09
Recently there have been several reports about the re-emergence of a botnet variant (Kelihos), which Symantec ...
Trojan.Zeroaccess is a Trojan horse that uses an advanced rootkit to hide itself. It is often installed through drive-by-download attacks from sites hosting the Blackhole exploit kit. The Trojan can also create an encrypted, hidden file system, download more malware, and open a back door on the compromised computer.
The Trojan is called ZeroAccess due to a string found in the kernel driver code that is pointing to the original project folder called ZeroAccess. It is also known as max++ as it creates a new kernel device object called __max++>.
More information on Trojan.Zeroaccess is available in the Trojan.Zeroaccess writeup.
Videos
Security Response clips about malware and its effects
How They Attack
Over the last 18 months, an ominous change has swept across the Internet. The tools driving the new attacks and fueling the blackmarket are crimeware - bots, Trojan horses, and spyware.
How does cybercrime affect people? Check out these real-world examples. To avoid becoming a victim of cybercrime, learn the basics of online protection.
