When it comes to buying security and antivirus software, there is no room for compromise. Buy the best product and freely explore the digital world. Here are few tips to keep in mind before buying antivirus software.

Equifax has announced that cybercriminals have exploited a vulnerability in their website, allowing them to gain access to certain files. The data breach appears to have taken place from mid-May through July 2017.

A newly discovered vulnerability, dubbed, “FREAK”, that could allow attackers to intercept and decrypt encrypted traffic between browsers and web sites via a Man-in-the-Middle (MitM) attack

Researchers discovered a new vulnerability in Apples mobile iOS platform that has the potential to trick users into divulging their passwords to scammers. A bug lurking in Apples iOS mail app on both...

Last week, the cyber attack against the hackers-for-hire firm Hacking Team, led to a theft of 400gb of data that exposed two Adobe Flash Player vulnerabilities.

Customers of over 1,000 banks and other financial institutions around the world have recently fallen victim to a malicious piece of software, called the Dyre financial Trojan.

A group of hackers known as Team GhostShell, claims to have hacked a multitude of organizations, including financial institutions, government agencies, political groups, law enforcement entities, and universities.

A new zero-day vulnerability in Adobe Flash Player was discovered via a cyberattack against the hackers-for-hire firm Hacking Team (link is external). A large amount of internal information leaked by the attackers contained data on the exploit, which could crash a computer and allow a remote attacker to then take control of the machine.

Corporate espionage group Butterfly has compromised a series of major corporations over the past three years, targeting confidential information and intellectual property. Symantec has been monitoring this group and working with its victims to track the attackers over the past two years.

A new weakness in OpenSSL could allow attackers to hijack secure communications by tricking a targeted computer into accepting invalid and untrusted SSL certificates as valid certificates. This could help facilitate man-in-the-middle (MITM) attacks, where attackers eavesdrop on connections with secure websites such as online banking, ecommerce or email.

A popular photo printing website has announced that customer credit card data collected by a third party vendor may have been breached. As a precautionary measure, the company has temporarily disabled their website while the investigation into the breach is still pending.

The healthcare industry is a prime target for attackers because healthcare data is a treasure trove to cybercriminals. By targeting a hospital’s records rather than just a credit card number or financial data, an attacker can easily gather additional personal information from these sources, especially if their goal is identity theft.

Android smartphone users should be aware of a dangerous new type of malware that spreads via spam SMS or MMS messages that link to a malicious app file.

Symantecs Global Intelligence Network (GIN) team has updated their intelligence page, which provides the most up-to-date analysis of cybersecurity threats.

Its sad to say, but cybercriminals have learned how to use our emotions against us.

A new variant of ransomware has been discovered on Tuesday (February 16), known as Locky, and has been spreading swiflty since it first appeared.

Every February, users both single and coupled tend to increase their downloads of Valentines Day-centric apps.

Patch Tuesday is an unofficial term used in the technology industry, which is when software companies regularly release security patches for their products.

Attackers are setting their sights on stealing users Netflix credentials in order to sell them on the black market, providing access to the streaming service for less expensive prices.

Symantec has found a variant of Android ransomware that uses clickjacking tactics to try and trick users into giving the malware device administrator rights.

Symantec has recently identified thousands of websites that have been compromised with malicious code, which is used to redirect users to a compromised website.

iOS device users- update your software now! Apple released an update to iOS 9 this week, which fixes a three-year old cookie theft bug.

2015 was a banner year for cybercriminals. We reported on 53 events that made it into the headlines, however that was just what we reported. There were many more than that occurred.

Recently, a Windows 10 ransomware scam has been discovered in the form of phishing emails impersonating Microsoft.

A new, extremely dangerous flaw dubbed Stagefright, has been discovered within the multimedia text message (MMS) capabilities on Android phones running OS 2.2 and later.

The mobile threat landscape is rapidly evolving due to the fact that mobile phones are increasingly becoming an attractive and abundant target to cybercriminals. It seems that there are new threats evolving on a daily basis, and it is vital to be proactive in our defenses against them.

Malicious software that uses encryption to hold data for ransom has become wildly successful over the last few years. The purpose of this software is to extort money from the victims with promises of restoring encrypted data.

Today, Norton released findings from a survey of more than 5,000 consumers from U.S., U.K., Canada, Australia and Japan about their fears of and forays into the connected world. The survey makes clear that there are two types of people: those who understand smartphones and IoT devices come with risks, and those who do not. 

Since streaming video content has become mostly commonplace, cybercriminals have taken notice, and are spreading spyware and malware on many social media platforms via comments

A vulnerability in Apple’s AirDrop feature has been discovered by Australian security researcher Mark Dowd.  AirDrop is an “over-the-air” file sharing service that uses Bluetooth and WiFi, and is built into iOS and Mac OS X products.

Adobe has released a patch for a newly discovered vulnerability, CVE-2016-1019, which affects Adobe Flash Player. 

The vulnerability affects Adobe Flash Player versions 21.0.0.197 and earlier for Windows, Mac, Linux, and Chrome operating systems. Adobe has now released the patch for the vulnerability.  

Tax season is a ripe time for phishing and spreading malware; without fail, tax-related online scams remain a most popular type of phishing scam each and every year. Through our threat intelligence network, we have identified four types of tax scams that individuals and businesses should be wary of as they’re preparing to file their taxes in 2016.

A new variant of Android ransomware has been discovered, which is displayed on the lockscreen’s user interface (UI). This threat, Android.Lockdroid.E, creates a lockscreen that appears more sophisticated and official by displaying fraudulent legal notices coupled with personal information gathered from the device.

Hackers have figured out a way to hijack cell phones and steal the valuable information contained in them. Find out how criminals go after emails, photographs and payment apps to commit larger crimes like blackmail, fraud and theft. Learn how to keep your identity safe.

Researcher Patrick Wardle has discovered a security weakness in Apple’s Mac OS X Gatekeeper technology that could allow attackers to run unverified, and possibly malicious applications.

It has been recently discovered that some Dell computers are vulnerable to man-in-the-middle attacks because of an issue with a root certification authority. Root certificates help your web browser verify that websites you visit are legitimate and are who they say they are.  

A proof-of-concept (PoC) discovery means that this is not an actual outbreak, but that it has been created in a lab by researchers simply to see prove if it is possible. The researchers that perform these tasks are considered white hat hackers.

If you think the mobile devices don’t require security software, well, you’d be wrong. Treating your smartphone or tablet in the same manner you do your laptop is crucial, as these devices are actually just smaller, powerful computers.

You may have read about Apple pulling over 250 iOS apps from the App Store for various privacy violations. This was because these apps used the Youmi advertising software development kit (SDK), which is also used in Android app development.

A key figure behind an online banking scam dubbed “Dridex,” which has been stealing millions of dollars from online bank accounts, was recently arrested. After a coordinated effort between the FBI and National Crime Agency, with support from authorities across Europe, this effort helped cyber security experts and law enforcement cut off thousands of compromised computers from the botnet’s control.

You may have seen one of those posts floating around on your newsfeeds recently, about Facebook charging you to keep your private information private. But the truth lies in Facebook's privacy policy.

In late July 2015, a bug dubbed Stagefright was discovered, that had the ability to secretly sneak onto Android phones via Multi Media Text Messages (MMS), affecting Android phones running OS 2.2 and later. Since its discovery, Google has released several patches.

iOS apps popular mainly in China have been infected with a piece of malware that can steal your data, and even get you to reveal things like usernames and passwords via phishing.

One of the most prevalent Android ransomware threats in the West has now expanded to Asia, choosing Japan as its first target. Android.Lockdroid was spotted on March 11th, and disguises itself as a system update.

There’s a perception that OS X is impenetrable, especially when compared to Windows. In recent times this assumption is being proven wrong. The latest in a series of flaws discovered in OS X and iOS is a vulnerability in Apple’s security system.

According to the Symantec report titled “Financial Threats 2015,” cyber thieves are developing stronger attacks on banks and other institutions to try to access our hard-earned money. Here’s an inside look at the top threats financial companies faced in 2015, plus tips on keeping your own bank accounts secure.

Apple has released a slew of software updates this week for various products. These vulnerabilities and others are also affecting other versions of Apple’s OS, so it’s a good idea to take a moment and update all your iDevices.

Last weekend several mainstream websites, fell victim to a massive malvertising campaign. The tainted ads in these websites may have directed thousands of unsuspecting users to a landing page hosting the notorious Angler Exploit Kit, a kit that stealthily installs crypto-ransomware and other malware on computers.

Cybercriminals regularly use exploit kits to innovatively find vulnerabilities in systems and infect users with malware. A recent victim of this Angler Exploit Kit is ‘Burrp’, a popular local food and restaurant recommendation website based in India.

The discovery of a critical Adobe Flash Player zero-day vulnerability, CVE-2016-1010, “that could potentially allow an attacker to take control of the affected system” prompted Adobe to issue an emergency patch on March 10. Adobe says the vulnerability has been identified as “being used in limited, targeted attacks.”

Symantec recently discovered a phishing site for Amazon.com, which didn't seem out of the norm, at first. However, when taking a closer look at the HTML source code, an interesting comment from the attacker was uncovered. The "brag tag," found details that consisted of the name of the scam, "Scama Amazon 2016,” along with the attacker's name, website, and even a YouTube channel.

Between March 4th and 5th, 2016, Apple customers were the targets of the first Mac-focused ransomware campaign executed by cybercriminals.

With the IRS’s due date of April 18th looming overhead, fraudsters are rapidly trying to cash in on tax refunds. In this scam, the scammer pretends to be a member of upper management, and targets a more junior member of the organization. The phishing email requests that the target send employees’ W2 forms for inspection.

A recent vulnerability involving the handling of SSL/TLS (Secure Socket Layer/Transport Layer Security) certificates dubbed as DROWN, has been discovered by researchers. DROWN stands for “Decrypting RSA with Obsolete and Weakened eNcryption.”

A new, sneaky variant of Android.Mobilespy has been discovered. This malware steals information, and displays advertisements, however it executes it in a different way than most malware. It tries to...

This week, VTech, a global company that manufactures Internet connected learning products for young children announced that they have been involved in a massive data breach. The companys learning...

I was sitting in my home office when my home phone line rang.It was late. 10:30 p.m. to be exact, but I often use this quiet timeafter my kids have gone to bedto catch up on email.Despite my home...

It has been discovered that attack groups behind the [ransomware](https://community.norton.com/en/blogs/norton-protection-blog /ransomware-when-cybercriminals-hold-your-computer-hostage) known as...

Earlier this week, white hat hacker Chris Vickery announced that he was able to gain access to over 13 million MacKeeper user accounts. A vulnerability was exploited in the company’s servers, which exposed the usernames, email addresses and other personal information of 13 million customers.

Researchers have discovered a new type of Android ransomware that takes advantage of a potentially embarrassing situation to extort the user into paying a ransom. The malicious software is distributed through an app named "Adult Player," which is a pornographic video player.

Tens of thousands of Android devices have potentially been affected by a new variant of the Simplocker ransomware. Ransomware is a malicious type of software that either locks or encrypts your files or device, and leaves an alarming message demanding that the owner of the device pay a “ransom” to get their files or control of their device back.

Cybercriminals have reportedly stolen over 225,000 Apple ID account credentials from jailbroken iOS devices, using a type of malware called, “Keyraider”. The criminals have been using the stolen credentials to make in-app purchases with user accounts.

Since the large-scale August 19th data breach revealing millions of user profiles and email addresses from the Ashley Madison online dating site, we have found and blocked a surge in email spam activity related to the Ashley Madison data breach.

The security hole in Internet Explorer could allow an attacker to take over a computer. Once the attacker has gained control, they can potentially install programs, view, change, or delete data and more.

Two vulnerabilities, which are security holes in software, in Mac OS X operating systems affecting OS X versions Mavericks 10.9.5 up to Yosemite 10.10.5 have been confirmed.

You may have noticed growing reports in the media about the dangers of using USB memory sticks. A malicious USB device can install malware such as backdoor Trojans, information stealers and much more.

A bug discovered in the Firefox web browser could allow attackers to gain access to files stored on a computer through malicious code injected into the browser’s built-in PDF viewer.

Two researchers have designed a worm that can spread itself via the firmware of Apple OS X computers and peripherals, without the aid of connecting to the Internet. Firmware is software that resides on a chip in your device, and provides instructions to the hardware on how to power up properly and then load the operating system.

A critical new vulnerability that can be used to forcibly install software on MacBooks without the users’ consent or administrator password has been discovered on MacBooks running OS X Yosemite, version 10.10. Doing so allows a malicious program to run as though it is the administrator of the computer.

As more and more people lean towards reading in a digital format, here are a few things to keep in mind when reading ebooks.

Did you know that your ISP can see what you do while you’re online? From making purchases to looking up medical conditions, your actions create a digital trail of data that can paint a very detailed picture of you.

Petya ransomware is spreading using the EternalBlue exploit similar to the WannaCry attack. Here's what to do when it comes to ransomware.

Since our personal safety takes precedence over everything, it’s safe to say that our digital security is a close second. This brings us to one the biggest challenges of Internet security – free vs paid internet security.

When it comes to free apps, there still may be a price, although it doesn’t always cost the user. There are other ways applications can earn revenue, such as running advertisements within the app itself.

Introducing Zero Days, the real-life cyber warfare documentary featuring Symantec cyber-security experts Eric Chien and Liam OMurchu. You may have heard about the Stuxnet virus in the media over...

The cybersecurity landscape is constantly evolving with new threats and never- before-seen vulnerabilities being discovered by security experts and, just as likely, exploited by cybercriminals at a...

Sophisticated cybercriminals have devised a way to steal email credentials that bypasses two-factor authentication security and doesnt rely on otherwise easy-to-spot phishing methods. Heres what you...

There are multiple layers to the Internet that you may not be aware of. The first, or top layer is called the surface web, and it is the part of the web that is crawled by search engines. Thats the...

The holidays are just around the corner, and that means many of us will be making purchases online to avoid large crowds and busy mall traffic. While online shopping has made our lives easier, it...

If youre like most Internet users, youve never even heard of grayware, adware or madware. Thats because these are all lower on the threat scale in the world of malicious programming. Whats more, they...

We talk about software vulnerabilities a lot, and the human versions of those are our...

Cyber criminals are not run-of-the-mill street hooligans. Assailants of online crimes are educated, tech-savvy, sophisticated individuals who dont care if you prefer PC to Mac or vice versa. There...

A form of phishing, smishing is when someone tries to trick you into giving them your private...

When hacking was first introduced in film and television, it was nowhere near as prevalent as it is today. The threat landscape was years away from becoming what it is now, so hacking and cybercrime...

Did you know that an attacker can flood your house via the water dispenser on your connected refrigerator? Or that bluetooth enabled locks can be picked from of a mile away using radio frequencies?...

This year, Norton visited DefCon 24, a hacking conference held in Las Vegas. Established in 1993, this conference is designed to bring together people from all realms of the...

A denial of service or DOS attack is used to tie up a websites resources so that users who need to access the site cannot do so. Many major companies, have been the focus of DOS attacks in recent...

Security researchers have discovered a new software bug known as the “Bash Bug” or “Shellshock,” or to those more technically “in-the-know” as GNU Bash Remote Code Execution Vulnerability

On Tuesday October 14th, a new vulnerability was discovered in Microsoft Windows Operating Systems, affecting all supported versions of Windows, from Windows Vista Service Pack 2 up to Windows 8.1. According to the security firm, iSIGHT, this vulnerability has been exploited by a cyberespionage group known as Sandworm, to deliver malware to targeted organizations.

A new zero-day vulnerability has been discovered in Adobe Flash. Security researcher Kafeine reports that this vulnerability is currently being exploited in the wild.

A new Adobe Zero-day exploit was discovered by Trend Micro on February 2nd, 2015. A Zero-day exploit is when there is an unpatched bug in a software program that allows hackers access to inject malware into your computer.  

Symantec, the parent company of Norton, has uncovered a highly-complex cyber-espionage malware program known as Regin. This malware has been developed for use in spying campaigns against international targets, such as government organizations, businesses, academic organizations, service providers and even private individuals.

Yesterday, security firm Palo Alto Networks, reported on a new family of malware that affects Apple’s OS X and iOS devices called WireLurker.  WireLurker has been used to inject malicious code into Mac applications hosted on a third party Mac app store in China.  

A serious vulnerability has been discovered in Internet Explorer that could potentially allow attackers to steal information from a website, as well as inject information into other websites.

On February 25th, 2015, with the help of Symantec and other industry partners, Europol was able to seize servers used by the cybercriminal group behind the Ramnit Botnet.

On March 19th, 2015, website developers who use OpenSSL learned of several bugs, including a severe bug that could allow hackers to render a webserver or website unavailable to users.  

Its all over the news: headlines claiming that Starbucks was hacked or that hackers broke into the Starbucks mobile app. What is true is that cybercriminals are targeting Starbucks accounts, but not.

As a Norton customer, you are always entitled to download the latest version of your Norton product for free during your service period. Existing customers are...

An independent security researcher recently discovered that some Apple Macs older than a year are susceptible to a nasty bug that would allow attackers to gain access to a computer once it wakes from “Sleep mode”.