Hundreds of malicious apps are showing up on the Google Play Store, disguised as legitimate applications.

If you have a Yahoo account, you need to change your password now. If you reuse that password on any other online accounts, you should change that too.

Dropbox has announced via their blog that 68 million user email addresses with hashed and salted passwords have been exposed. Dropbox has verified that the information is indeed legitimate.

An unusual strain of ransomware has shown up on the scene, and it isn’t playing nicely at all. Dubbed “Jigsaw,” the ransomware was created in early March and made its way to the black market a week later, selling for around $140 USD. So far, it seems that there has been minimal sales of the malware. Luckily, it is not widespread yet.

Cyber espionage, also known as cyber spying, is grabbing a lot of headlines lately. The most recent incident affects Apple’s iOS. Researchers at Citizen Lab Have discovered that a highly sophisticated cyber espionage group has deployed a very rare, advanced form of spyware, which can break an iPhone wide open.

Overnight sensation Pokémon GO! has continued to explode over a week after its New Zealand, Australia, and the US on Wed July 6. July 13th the game was released in Germany and the following day for the UK.

Are your Apple AirPorts suddenly flashing yellow? That’s because Apple has sent out a major update to your AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations.

Although Dridex (W32.Cridex) and Locky (Trojan.Cryptolocker.AF) have been unusually quiet, a new type of ransomware may be taking their place on the online threat landscape.

Researchers at Symantec have recently discovered a malicious app that can steal photos and videos from the popular instant messaging and VoIP app Viber.

Cyber criminals are finding new ways to steal your money through your Android device. Lately, the use of Android malware that steals your banking credentials, with names such as Acecard or GMbot, is on the rise.

Introducing Zero Days, the real-life cyber warfare documentary featuring Symantec cyber-security experts Eric Chien and Liam O'Murchu. You may have heard about the Stuxnet virus in the media over...

Today we are proud to announce the launch of the second installment in our documentary series The

Youve heard of malware, ransomware, botnets, and the like. What you dont hear about is the technology behind these threats. These threats all have to come from somewhere, theyre not just out there...

If youre like most Internet users, youve never even heard of grayware, adware or madware. Thats because these are all lower on the threat scale in the world of malicious programming. Whats more, they...

A form of phishing, smishing is when someone tries to trick you into giving them your private...

We talk about software vulnerabilities a lot, and the human versions of those are our...

Selecting the right antivirus software for your devices is one of the most important things you can do for your digital safety. Know what to look for before you choose an antivirus.

When you hear about hackers taking down the Internet, it usually means they’ve launched a distributed denial-of-service (DDoS) attack. This short video shows you how a DDoS works.

What is the deep web? Learn about the good and the bad of the “hidden” internet, and information you would be surprised to find there.

Not all hackers are inherently bad. When used in mainstream media, the word, hacker, is usually used in relation to cyber criminals, but a hacker can actually be anyone, regardless of their...

Yesterday, security firm Palo Alto Networks, reported on a new family of malware that affects Apple’s OS X and iOS devices called WireLurker. WireLurker has been used to inject malicious code into Mac applications hosted on a third party Mac app store in China.

As a Norton customer, you are always entitled to download the latest version of your Norton product for free during your service period. Existing customers are...

A new, extremely dangerous flaw dubbed Stagefright, has been discovered within the multimedia text message (MMS) capabilities on Android phones running OS 2.2 and later.

Recently, a Windows 10 ransomware scam has been discovered in the form of phishing emails impersonating Microsoft.

The mobile threat landscape is rapidly evolving due to the fact that mobile phones are increasingly becoming an attractive and abundant target to cybercriminals. It seems that there are new threats evolving on a daily basis, and it is vital to be proactive in our defenses against them.

When it comes to free apps, there still may be a price, although it doesn’t always cost the user. There are other ways applications can earn revenue, such as running advertisements within the app itself.

Petya ransomware is spreading using the EternalBlue exploit similar to the WannaCry attack. Here's what to do when it comes to ransomware.

A new, sneaky variant of Android.Mobilespy has been discovered. This malware steals information, and displays advertisements, however it executes it in a different way than most malware. It tries to...

This week, VTech, a global company that manufactures Internet connected learning products for young children announced that they have been involved in a massive data breach. The companys learning...

I was sitting in my home office when my home phone line rang.It was late. 10:30 p.m. to be exact, but I often use this quiet timeafter my kids have gone to bedto catch up on email.Despite my home...

It has been discovered that attack groups behind the [ransomware](https://community.norton.com/en/blogs/norton-protection-blog /ransomware-when-cybercriminals-hold-your-computer-hostage) known as...

Earlier this week, white hat hacker Chris Vickery announced that he was able to gain access to over 13 million MacKeeper user accounts. A vulnerability was exploited in the company’s servers, which exposed the usernames, email addresses and other personal information of 13 million customers.

A recent vulnerability involving the handling of SSL/TLS (Secure Socket Layer/Transport Layer Security) certificates dubbed as DROWN, has been discovered by researchers. DROWN stands for “Decrypting RSA with Obsolete and Weakened eNcryption.”

With the IRS’s due date of April 18th looming overhead, fraudsters are rapidly trying to cash in on tax refunds. In this scam, the scammer pretends to be a member of upper management, and targets a more junior member of the organization. The phishing email requests that the target send employees’ W2 forms for inspection.

Between March 4th and 5th, 2016, Apple customers were the targets of the first Mac-focused ransomware campaign executed by cybercriminals.

Symantec recently discovered a phishing site for Amazon.com, which didn't seem out of the norm, at first. However, when taking a closer look at the HTML source code, an interesting comment from the attacker was uncovered. The "brag tag," found details that consisted of the name of the scam, "Scama Amazon 2016,” along with the attacker's name, website, and even a YouTube channel.

The discovery of a critical Adobe Flash Player zero-day vulnerability, CVE-2016-1010, “that could potentially allow an attacker to take control of the affected system” prompted Adobe to issue an emergency patch on March 10. Adobe says the vulnerability has been identified as “being used in limited, targeted attacks.”

Cybercriminals regularly use exploit kits to innovatively find vulnerabilities in systems and infect users with malware. A recent victim of this Angler Exploit Kit is ‘Burrp’, a popular local food and restaurant recommendation website based in India.

Last weekend several mainstream websites, fell victim to a massive malvertising campaign. The tainted ads in these websites may have directed thousands of unsuspecting users to a landing page hosting the notorious Angler Exploit Kit, a kit that stealthily installs crypto-ransomware and other malware on computers.

Apple has released a slew of software updates this week for various products. These vulnerabilities and others are also affecting other versions of Apple’s OS, so it’s a good idea to take a moment and update all your iDevices.

According to the Symantec report titled “Financial Threats 2015,” cyber thieves are developing stronger attacks on banks and other institutions to try to access our hard-earned money. Here’s an inside look at the top threats financial companies faced in 2015, plus tips on keeping your own bank accounts secure.

There’s a perception that OS X is impenetrable, especially when compared to Windows. In recent times this assumption is being proven wrong. The latest in a series of flaws discovered in OS X and iOS is a vulnerability in Apple’s security system.

One of the most prevalent Android ransomware threats in the West has now expanded to Asia, choosing Japan as its first target. Android.Lockdroid was spotted on March 11th, and disguises itself as a system update.

iOS apps popular mainly in China have been infected with a piece of malware that can steal your data, and even get you to reveal things like usernames and passwords via phishing.

In late July 2015, a bug dubbed Stagefright was discovered, that had the ability to secretly sneak onto Android phones via Multi Media Text Messages (MMS), affecting Android phones running OS 2.2 and later. Since its discovery, Google has released several patches.

You may have seen one of those posts floating around on your newsfeeds recently, about Facebook charging you to keep your private information private. But the truth lies in Facebook's privacy policy.

A new variant of Android ransomware has been discovered, which is displayed on the lockscreen’s user interface (UI). This threat, Android.Lockdroid.E, creates a lockscreen that appears more sophisticated and official by displaying fraudulent legal notices coupled with personal information gathered from the device.

A key figure behind an online banking scam dubbed “Dridex,” which has been stealing millions of dollars from online bank accounts, was recently arrested. After a coordinated effort between the FBI and National Crime Agency, with support from authorities across Europe, this effort helped cyber security experts and law enforcement cut off thousands of compromised computers from the botnet’s control.

You may have read about Apple pulling over 250 iOS apps from the App Store for various privacy violations. This was because these apps used the Youmi advertising software development kit (SDK), which is also used in Android app development.

If you think the mobile devices don’t require security software, well, you’d be wrong. Treating your smartphone or tablet in the same manner you do your laptop is crucial, as these devices are actually just smaller, powerful computers.

A proof-of-concept (PoC) discovery means that this is not an actual outbreak, but that it has been created in a lab by researchers simply to see prove if it is possible. The researchers that perform these tasks are considered white hat hackers.

It has been recently discovered that some Dell computers are vulnerable to man-in-the-middle attacks because of an issue with a root certification authority. Root certificates help your web browser verify that websites you visit are legitimate and are who they say they are.

Researcher Patrick Wardle has discovered a security weakness in Apple’s Mac OS X Gatekeeper technology that could allow attackers to run unverified, and possibly malicious applications.

Hackers have figured out a way to hijack cell phones and steal the valuable information contained in them. Find out how criminals go after emails, photographs and payment apps to commit larger crimes like blackmail, fraud and theft. Learn how to keep your identity safe.

Tax season is a ripe time for phishing and spreading malware; without fail, tax-related online scams remain a most popular type of phishing scam each and every year. Through our threat intelligence network, we have identified four types of tax scams that individuals and businesses should be wary of as they’re preparing to file their taxes in 2016.

The vulnerability affects Adobe Flash Player versions 21.0.0.197 and earlier for Windows, Mac, Linux, and Chrome operating systems. Adobe has now released the patch for the vulnerability.

Adobe has released a patch for a newly discovered vulnerability, CVE-2016-1019, which affects Adobe Flash Player.

A vulnerability in Apple’s AirDrop feature has been discovered by Australian security researcher Mark Dowd. AirDrop is an “over-the-air” file sharing service that uses Bluetooth and WiFi, and is built into iOS and Mac OS X products.

Since streaming video content has become mostly commonplace, cybercriminals have taken notice, and are spreading spyware and malware on many social media platforms via comments

Today, Norton released findings from a survey of more than 5,000 consumers from U.S., U.K., Canada, Australia and Japan about their fears of and forays into the connected world. The survey makes clear that there are two types of people: those who understand smartphones and IoT devices come with risks, and those who do not.

Malicious software that uses encryption to hold data for ransom has become wildly successful over the last few years. The purpose of this software is to extort money from the victims with promises of restoring encrypted data.

2015 was a banner year for cybercriminals. We reported on 53 events that made it into the headlines, however that was just what we reported. There were many more than that occurred.

iOS device users- update your software now! Apple released an update to iOS 9 this week, which fixes a three-year old cookie theft bug.

Symantec has recently identified thousands of websites that have been compromised with malicious code, which is used to redirect users to a compromised website.

Symantec has found a variant of Android ransomware that uses clickjacking tactics to try and trick users into giving the malware device administrator rights.

Attackers are setting their sights on stealing users Netflix credentials in order to sell them on the black market, providing access to the streaming service for less expensive prices.

Patch Tuesday is an unofficial term used in the technology industry, which is when software companies regularly release security patches for their products.

Every February, users both single and coupled tend to increase their downloads of Valentines Day-centric apps.

A new variant of ransomware has been discovered on Tuesday (February 16), known as Locky, and has been spreading swiflty since it first appeared.

Its sad to say, but cybercriminals have learned how to use our emotions against us.

Symantecs Global Intelligence Network (GIN) team has updated their intelligence page, which provides the most up-to-date analysis of cybersecurity threats.

Android smartphone users should be aware of a dangerous new type of malware that spreads via spam SMS or MMS messages that link to a malicious app file.

Equifax has announced that cybercriminals have exploited a vulnerability in their website, allowing them to gain access to certain files. The data breach appears to have taken place from mid-May through July 2017.

Hot on the heels of another large data breach, Sonic, America’s Drive-In, appears to be the latest victim of a potential data breach. This could mean almost 5 million customers may end up with their credit card information traded in the underground economy.

The cybersecurity landscape is constantly evolving with new threats and never- before-seen vulnerabilities being discovered by security experts and, just as likely, exploited by cybercriminals at a...

More than 1,500 Symantec employees from 33 countries and across a spectrum of professional disciplines took part in the world’s largest annual civilian war game: Symantec’s 2017 CyberWar Games.

A new zero-day vulnerability has been discovered in Adobe Flash. Security researcher Kafeine reports that this vulnerability is currently being exploited in the wild.

Researchers discovered a new vulnerability in Apples mobile iOS platform that has the potential to trick users into divulging their passwords to scammers. A bug lurking in Apples iOS mail app on both...

On March 19th, 2015, website developers who use OpenSSL learned of several bugs, including a severe bug that could allow hackers to render a webserver or website unavailable to users.

A critical new vulnerability that can be used to forcibly install software on MacBooks without the users’ consent or administrator password has been discovered on MacBooks running OS X Yosemite, version 10.10. Doing so allows a malicious program to run as though it is the administrator of the computer.

Corporate espionage group Butterfly has compromised a series of major corporations over the past three years, targeting confidential information and intellectual property. Symantec has been monitoring this group and working with its victims to track the attackers over the past two years.

Symantec, the parent company of Norton, has uncovered a highly-complex cyber-espionage malware program known as Regin. This malware has been developed for use in spying campaigns against international targets, such as government organizations, businesses, academic organizations, service providers and even private individuals.

Did you know that an attacker can flood your house via the water dispenser on your connected refrigerator? Or that bluetooth enabled locks can be picked from of a mile away using radio frequencies?...

A denial of service or DOS attack is used to tie up a websites resources so that users who need to access the site cannot do so. Many major companies, have been the focus of DOS attacks in recent...

Customers of over 1,000 banks and other financial institutions around the world have recently fallen victim to a malicious piece of software, called the Dyre financial Trojan.

There are multiple layers to the Internet that you may not be aware of. The first, or top layer is called the surface web, and it is the part of the web that is crawled by search engines. Thats the...

A new zero-day vulnerability in Adobe Flash Player was discovered via a cyberattack against the hackers-for-hire firm Hacking Team (link is external). A large amount of internal information leaked by the attackers contained data on the exploit, which could crash a computer and allow a remote attacker to then take control of the machine.

Sophisticated cybercriminals have devised a way to steal email credentials that bypasses two-factor authentication security and doesnt rely on otherwise easy-to-spot phishing methods. Heres what you...

Cybercriminals use sophisticated tactics that make it extremely difficult for law enforcement alone to collect evidence, capture the suspect and prosecute them.

The who, where and how of malware: who writes the code, where does malware come from, and how you can protect yourself.

Zero-day vulnerabilities present serious security risks, leaving you susceptible to zero-day attacks, which can result in potential damage to your computer or personal data. Learn how to keep your computer and data safe.

You may have noticed growing reports in the media about the dangers of using USB memory sticks. A malicious USB device can install malware such as backdoor Trojans, information stealers and much more.

Last year, the Norton team brought you a new look into cybercrime via the documentary In Search Of The Most Dangerous Town On The Internet. Through...

As more and more people lean towards reading in a digital format, here are a few things to keep in mind when reading ebooks.

Since our personal safety takes precedence over everything, it’s safe to say that our digital security is a close second. This brings us to one the biggest challenges of Internet security – free vs paid internet security.

To celebrate May the Fourth we’re taking a look at vulnerabilities that nearly ended the Empire. Whichever side you choose, don’t become a victim to software vulnerabilities.

A new Adobe Zero-day exploit was discovered by Trend Micro on February 2nd, 2015. A Zero-day exploit is when there is an unpatched bug in a software program that allows hackers access to inject malware into your computer.

Researchers have discovered a new type of Android ransomware that takes advantage of a potentially embarrassing situation to extort the user into paying a ransom. The malicious software is distributed through an app named "Adult Player," which is a pornographic video player.

Tens of thousands of Android devices have potentially been affected by a new variant of the Simplocker ransomware. Ransomware is a malicious type of software that either locks or encrypts your files or device, and leaves an alarming message demanding that the owner of the device pay a “ransom” to get their files or control of their device back.

Researchers from the University of Indiana discovered a bug in Apple’s operating system that could allow cybercriminals new ways to use apps to hijack passwords.