Symantec on alert after Net activity surge

Friday, 3 October 2003, 4:20 PM EST

The computer-security specialist has stepped-up efforts to monitor network ports associated with domain name servers. Vincent Weafer, senior director of US-based Symantec Security Response, said the company's DeepSight firewall sensors had begun reporting an unusually large volume of networks events commonly associated with DNS-activity.

It appears that some of Symantec's concern has been driven by the recent re-appearance of a variety of Trojan that exploits a security flaw in Microsoft's Internet Explorer that allows miscreants to insert malicious code into Windows PCs through Web and HTML content.

The payload delivered by the latest variety of Trojan to appear, Qhosts-1, manipulates the way PCs find Web sites on the Internet. Qhosts-1's alters the PC's domain name server setting--normally specified by the user's ISP--and instructs it to link a commonly used search engine site with a network address that appears to belong to a Texas-based ISP.

[ Read more ]




Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //