Video Screencast Help
updated blog entry 27 Jul 2016
Contributor: Tommy Dong Last time we blogged about malware on Google Play that stole photos from Viber. Since then we’ve discovered another app on Google Play that is moving personal media files (photos and videos) off victims’ mobile devices and onto a remote server. All your videos are belong to us In the course of enhancing our Mobile Insight cloud-based features to identify apps that leak ...
updated discussion 27 Jul 2016
Currently running 10.6.0-7 and when trying to download any of the updates i receive the following, i have tried this via the GUI with no success. This is only affecting the CC, scanners are fine. BMG-CC> update download Loaded plugins: fastestmirror, sym_check, sym_output, sym_proxy Loading proxy configuration Cleaning repos: symrepo_64_3rdparty ...
new discussion 27 Jul 2016
I have a laptop running Windows 7 Professioanl with Symantec Drive Encryption 10.3.2 that is caught in a loop in that it asks for the password, accepts it and then loops back to the passoword screen. Any suggestions??
updated discussion 27 Jul 2016
I have a laptop with Windows 7 Professional running Symantec Encryption Desktop 10.3.2. It has been running for several months and yesterday got caught in a loop where it accepts the password but cycles back to the login screen. Any suggestions?
updated discussion 27 Jul 2016
Hello, sometimes our CSP agent goes to a unknown state. If you open the "Policy Monitor", you will see the the Current Policy/Policy Prevention/Override State are unknown, and the Policy Override are empty(The attached file Bad.png). What annoying thing is that you can't even use the "C:\Program Files\Symantec\Critical System Protection\Agent\IPS\bin\sisipsconfig.exe" -r to change the policy ...
updated discussion 27 Jul 2016
I have a Dell XPS running Windows 8.1 on a 128gb Liteon mSATA drive encrypted with PGP 10.3.2 (not sure which MP version), I recently replaced the keyboard as the original did not have Euro sign (number 5 key), initially the keyboard worked but that button did not work so I tried different keyboard software which seems to have screwed up the system Every time Windows tries to restart it ...
new idea 27 Jul 2016
The ability to run a command, especially starting a scan, on a computer that reports in the Risk Logs under Monitors would be very helpful. Currently, we have to go to Clients, browse to that computer, and start it from there. The desired additional feature would look like the "screenshot" I created and attached below.
updated discussion 27 Jul 2016
Currently running 10.6.0-7 and when trying to download any of the updates i receive the following, i have tried this via the GUI with no success. This is only affecting the CC, scanners are fine. BMG-CC> update download Loaded plugins: fastestmirror, sym_check, sym_output, sym_proxy Loading proxy configuration Cleaning repos: symrepo_64_3rdparty ...
new discussion 27 Jul 2016
I have a laptop running Windows 7 Professioanl with Symantec Drive Encryption 10.3.2 that is caught in a loop in that it asks for the password, accepts it and then loops back to the passoword screen. Any suggestions??
updated discussion 27 Jul 2016
I have a laptop with Windows 7 Professional running Symantec Encryption Desktop 10.3.2. It has been running for several months and yesterday got caught in a loop where it accepts the password but cycles back to the login screen. Any suggestions?
updated discussion 27 Jul 2016
Hello, sometimes our CSP agent goes to a unknown state. If you open the "Policy Monitor", you will see the the Current Policy/Policy Prevention/Override State are unknown, and the Policy Override are empty(The attached file Bad.png). What annoying thing is that you can't even use the "C:\Program Files\Symantec\Critical System Protection\Agent\IPS\bin\sisipsconfig.exe" -r to change the policy ...
updated discussion 27 Jul 2016
I have a Dell XPS running Windows 8.1 on a 128gb Liteon mSATA drive encrypted with PGP 10.3.2 (not sure which MP version), I recently replaced the keyboard as the original did not have Euro sign (number 5 key), initially the keyboard worked but that button did not work so I tried different keyboard software which seems to have screwed up the system Every time Windows tries to restart it ...
updated article 26 Jul 2016
Often times we deploy SEP 12.1 to clients and assume the components are functioning correctly. While the majority of the time this is true, it never hurts to spot check clients to ensure they're working as expected. Below are tests you can run for each component to verify functionality. Test Virus and Spyware Protection The quickest way to test this functionality is to download the EICAR file ...
updated article 22 Jul 2016
Customers Can Now Integrate Compliance Monitoring Into Their Evolving DevOps Process MOUNTAIN VIEW, Calif. – July 20, 2016 – Symantec Corp. (NASDAQ: SYMC), the global leader in cybersecurity, today announced the next version of Symantec Control Compliance Suite, the enterprise-class IT governance, risk and compliance solution. Symantec Control Compliance Suite delivers new ...
updated article 21 Jul 2016
Introduction This is the tenth in my Security Series of Connect articles.  For more information on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions), see Mick's Greatest Hits: Index of Helpful Connect Security Articles. This article gets down to some practical particulars on how to take ...
updated article 20 Jul 2016
Click here to visit the site on Symantec.com.
updated article 20 Jul 2016
Please click here to view the current Symantec Security Insights newsletter. Thank you!
updated article 19 Jul 2016
Introduction This is the sixth in my Security Series of Connect articles.  For more information on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions), see Mick's Greatest Hits: Index of Helpful Connect Security Articles. This new "Symantec Insider Tip" article aims to provide advice and ...
updated blog entry 27 Jul 2016
Contributor: Tommy Dong Last time we blogged about malware on Google Play that stole photos from Viber. Since then we’ve discovered another app on Google Play that is moving personal media files (photos and videos) off victims’ mobile devices and onto a remote server. All your videos are belong to us In the course of enhancing our Mobile Insight cloud-based features to identify apps that leak ...
blog entry comment 27 Jul 2016
new blog entry 26 Jul 2016
サイバースパイグループ Patchwork が、政府関連に限定しない組織を標的にするようになっています。シマンテックが調査したところ、このグループは航空、放送、金融など広い範囲の業種を狙ってバックドア型のトロイの木馬を投下していることがわかりました。 Patchwork は、Dropping Elephant という名前でも知られ、シマンテックセキュリティレスポンスは、このグループについて積極的に監視を続けています。Patchwork は、中国に関連する文面でユーザーを引き付けたうえで、標的のネットワークに侵入します。セキュリティ企業 Cymmetria と Kaspersky の 2 ...
updated blog entry 26 Jul 2016
토렌트 사이트에서 불법 복제 컨텐트를 이용했다가 숨겨진 폐해를 겪을 수도 있습니다. 시만텍이 인기 토렌트 웹 사이트를 조사하던 중 PUA(잠재적으로 원치 않는 애플리케이션) 유포 캠페인이 진행 중임을 발견했습니다. 이 가짜 토렌트는 여러 사이트에서 Assassin Creed Syndicate, The Witcher 3 등과 같은 인기 게임의 이름을 미끼로 사용자를 유인한 다음 사용자 모르게 자동으로 PUA를 설치합니다. 시만텍은 이러한 PUA 유포 캠페인에서 합법적인 제휴사의 PPI(Pay-Per-Install) 프로그램을 악용하고 있다고 확신합니다. 잠재적으로 원치 않는 애플리케이션(PUA, Potentially unwanted applications) PUA는 보안, 개인 정보 보호, 리소스 ...
updated blog entry 26 Jul 2016
최신 인텔리전스 페이지가 2016년 5월에 새롭게 단장하여 사이버 보안 위협과 동향에 대한 최신 분석 및 악성 코드, 스팸, 기타 잠재적 위험성을 지닌 비즈니스 리스크에 대한 통찰력을 제공하고 있습니다. 최신 인텔리전스의 주요 내용을 간추려 소개합니다. 툴킷 기반 웹 공격 부문에서 2위 자리를 지켜온 Angler 툴킷이 5월에는 전체 툴킷 활동의 51.2%를 차지하며 선두에 올랐습니다. 4월에 1위였던 Nuclear 익스플로잇 킷은 이달에 5위권 밖으로 밀려났는데, 4월에 발표된 이 툴킷의 인프라스트럭처를 조명한 연구 결과의 공개로 인해 큰 타격을 받은 것으로 보입니다. 이에 앞서 4월에는 Spartan 툴킷이 5위권에서 사라진 바 있습니다. Spartan 툴킷도 툴킷 기반 웹 공격의 선두를 ...
updated blog entry 26 Jul 2016
지속적으로 발전하는 사이버 환경에서 공격자들이 풍부한 자금을 바탕으로 신속하게 움직이고 정교한 공격 수법을 구사하는 데 반해 이러한 공격을 탐지하는 데는 너무 많은 시간이 걸리고 있습니다. 게다가 관련 예산은 빠듯하고 사내 리소스도 부족합니다. 기업의 86%는 더욱 증가하는 사이버 보안 요구 사항을 해결하기 위한 전문 인력이 부족한 상황입니다.[1] CISO들은 이러한 문제를 최우선시하면서 질문을 던지고 그에 대한 답을 찾고 있습니다.  시만텍은 10여 년 전부터 기업의 경영진이 보안 운영의 공백을 해소할 수 있도록 지원해왔습니다. 시만텍은 전 세계를 대상으로 활동하면서 보안 관련 시장을 형성하고 향후 보안 계획에 영향을 미치게 될 동향이 무엇인지에 주목하고 있습니다. 아래와 같은 6가지 ...
updated blog entry 26 Jul 2016
시만텍이 발견한 바에 따르면, 방글라데시 중앙은행에서 8,100만 달러를 훔치고 베트남 Tien Phong Bank에서도 1백만 달러 이상을 빼내려 한 집단이 필리핀의 한 은행을 공격했습니다. 이 집단이 사용한 악성 코드가 필리핀의 한 은행에 대한 표적 공격에서도 사용되었습니다. 뿐만 아니라 여기에 사용된 일부 툴의 코드가 과거 Lazarus라는 보안 위협 그룹과 관련된 공격에 사용된 악성 코드와 유사합니다. 이러한 공격은 2015년 10월부터 발생한 것으로 보이는데, 이는 실패로 끝나긴 했지만 지금까지 발생한 침해 사고 중 가장 빠른 것으로 알려진 베트남 공격이 발생하기 2개월 전입니다. 방글라데시 중앙 은행이 공격을 받자 결제 네트워크인 SWIFT는 공격자들이 자금 이체 사기의 증거를 덮기 위해 ...
updated blog entry 26 Jul 2016
·     2016년 5월 11일 "적을 알고 나를 알면 백번 싸워도 위태로움이 없다. 나를 알되 적을 알지 못하면 한 번 이기고 한 번 지며 적과 나를 모두 모르면 싸움마다 반드시 위태롭다." 손무 손자병법은 오늘날에도 적용되는 가르침입니다. 적을 알면서 자사의 강점과 약점을 알고 있는 기업은 현재 진행 중인 사이버 보안 전쟁에서 승리할 가능성이 높습니다. 공격을 당한 후에야 보안을 강화하지 마십시오. 적극적으로 공격자에 맞서십시오.  귀사가 사이버 레질리언스를 유지하고 공격에 확실히 대비하려면 어떤 노력이 필요할까요? 시만텍은 한 해의 글로벌 보안 위협 동향을 종합적으로 조명하고 분석하는 연례 보고서, 2016년 인터넷 보안 위협 ...
new blog entry 26 Jul 2016
政府相关机构不再是补丁攻击团伙的唯一目标。我们的研究表明,网络间谍团伙为了传播后门木马程序,已开始对多种行业机构进行攻击,其目标包括航空业、广播业和金融业。 赛门铁克安全响应部门一直积极监视Patchwork(该团伙又名为“Dropping ...
updated blog entry 25 Jul 2016
The Patchwork attack group has been targeting more than just government-associated organizations. Our research into the group found that it’s been attacking a broad range of industries, including aviation, broadcasting, and finance, to drop back door Trojans. Symantec Security Response has been actively monitoring Patchwork, also known as Dropping Elephant, which uses Chinese-themed content as ...
new download 17 Jun 2016
Ever had the CCS Agent registered with wrong name or agent IP changed? In some situations it can be pain to fix this as it requires going to agent and running the registration again (imaging you do not have access to agent server and you have to raise ticket to 3rd party supplier and he asks you to raise a change request). Well with these two simple scripts, you can change both agent name and ...
new download 16 May 2016
To make use of stop-words for russian language, download attached file, unzip it and place to the "Protect\config\stopwords" subfolder in the Symantec DLP installation directory. Then go to the "Advanced settings" page of selected detection server and set the variable "Lexer.StopwordLanguages" to "en,ru". Do it for every detection server you have.
updated download 22 Apr 2016
Symantec DCS Policy Utility v1.0.0.11 For Windows OS (Note .NET Framework 4.5 is required) Designed to help you tune your policy by processing the log files from an Agent. There's a getting started tab that explains the best steps to get the logs and events you need to troubleshoot your policy. The program does not make any changes to the machine or policy. It parses the sisidsevents and ...
updated download 01 Apr 2016
When a customer is using the forensics software "Encase 7" with our Symantec Endpoint Encryption Full Disk 8.2.0 software, the customer will need the appropriate DLLs so that the Encase product can successfully work with our Full Disk product. The DLLs required are attached here and can also be located within the original product download under the subfolder "utilities". The DLLs required in ...
updated download 01 Apr 2016
At times, a customer may require the details for creating a batch file (startup script) to assist in the uninstallation of a Symantec Endpoint Encryption Device Control client that was installed via GPO. You cannot use the automatic uninstall feature in the GPO software installation package because the Device Control uninstall procedure is password protected. To uninstall Device Control you ...
updated event 26 Jul 2016
South Florida Cyber Security Forum has been created based on the complexity of today’s global threat environment. As IT no longer rules the roof, device and data explosion coupled by being ever targeted by data breaches and battered attacks continue to make cyber security grow. This all revolves around the balance between privacy, anonymity, technology and security.  This is a free ...
updated event 13 Jul 2016
Topic: Why are cybercriminals targeting Services and Financial? Speaker: Matt Reid, ITS VP of Risk Management Date: Thu, Jul 14, 2016 11:00 AM - 12:00 PM EST Details: Services and Financial industries are key targets for cyber criminals and it’s not just because of the bounty…learn what they have in common and what to do about it! Regional Banks and Credit Unions are ...
new event 27 Jun 2016
Endpoint security is a critical component in an organization's security program and is needed to gain the visibility necessary to rapidly detect threats and contain them before criminals gain access to critical resources.  Join us for an interactive discussion and learn more about  • How emerging security technologies are helping organizations defend against targeted attacks ...
updated video 13 Jul 2016
In this quick update our risk management expert, John Higday, highlights the updates in ATP 2.0.2 which  provides IT security teams with the best visibility in their endpoint environment.   Advanced Threat Protection - Expose, prioritize, and remediate sophisticated advanced attacks across endpoints, networks, and email, from one single console.   Download our ATP whitepaper at ...
updated video 19 May 2016
This video will help new customers to provision their domains and inbound routes once they have access to the administration portal. If you want a desktop aid to provide a step by step guide as to the tool, then please download that here.
new video 17 May 2016
Bay Dynamics recently announced the availability of the standalone IT Analytics Server 2.1, which includes an enhanced web based cube browser. This video walks you through how as an existing Symantec Endpoint Protection customer, you can leverage IT Analytics Server to visualize your cube data and take advantage of its benefits.
updated video 17 May 2016
Bay Dynamics recently announced the availability of the standalone IT Analytics Server 2.1, which includes an enhanced web based cube browser. This video walks you through how as an existing Symantec customer, you can leverage IT Analytics Server to visualize your cube data and take advantage of its benefits.
new video 17 May 2016
In this video, we demonstrate how to install the new standalone IT Analytics Server v2.1 with the Symantec Data Loss Prevention content pack.
updated video 17 May 2016
This training module aims to walk you through how to setup a new business partner in the Encryption module of the Management Portal. Watch more Videos in the Self-serve TLS video series: Self-serve TLS: Moving domains from one Business Partner to another Self-serve TLS: Getting visibility into your enforcements Self-serve TLS: Enforcing TLS encryption between you and the Email Security ...
new video 13 May 2016
This video shows you the new features in Advanced Threat Protection 2.0.2.
updated video 13 May 2016
In this video, you'll see how you can use a STIX file to perform a database search in Advanced Threat Protection 2.0.2 and later.
new idea 27 Jul 2016
The ability to run a command, especially starting a scan, on a computer that reports in the Risk Logs under Monitors would be very helpful. Currently, we have to go to Clients, browse to that computer, and start it from there. The desired additional feature would look like the "screenshot" I created and attached below.
new idea 26 Jul 2016
There currently exists only checks for whether or not older roles are installed (IIS for example), but nothing for the myriad other roles and features of Windows. I'd like to see checks for all the various roles (hyper-v, say) and features (telnet client, anyone?) available in a Windows install, so that these can be checked off against our standard.
new idea 22 Jul 2016
Can a guide be created showing multiple use cases of all the ways CCS standards can be used for.A use case guide is required providing extensive range of examples each with different examples. This helps organizations to adopt the product at the faster pace. Rather than go through the 1000 page user guide or a thin how to guide for standards with very few examples. Learning by examples is the ...
updated idea 22 Jul 2016
awooso posted: IPSEC
I am currently doing an implementation of Symantec firewall to block all intersubnet traffic except a very select few for a very select subnet. Symantec firewall does a great jo and offers a lot of really easy to configure controls except when dealing with IPsec........... Since IPsec required port 500 upd (some say IP protocol 50 and 51) it should be a simple build right? except Symantec ...
new idea 22 Jul 2016
From within the SEPM if you sync an AD container that has managed clients in a unsynched container it moves them to the synched container in the SEPM and will not allow you to move them back without breaking the client management.  This being said it would be very helpful to be able to scan AD for hosts & their client status if present with the option to deploy ...
new idea 21 Jul 2016
There needs to be a tools that will convert existing SEP policies to new versions of SEP policies that have new features. I should not have to rewrite policies everytime there is a SEP update.