Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts in English
Featured: LiveUpdate Administrator (LUA) version 2.3.2 is now available
Mithun Sanghavi | 01 Nov 2012 | 3 comments

 

The Latest version of LiveUpdate Administrator (LUA) version 2.3.2 is now available.

Contact Symantec Technical Support to grab the Latest Copy of LiveUpdate Administrator (LUA) version 2.3.2

The installation file (147.35 MB) and will later be included on the SEP 12.1 RU2 DVD’s (SEP 12.1 RU2 is yet to be released)

Some of the features included in this release

  • Packaged with Apache Tomcat version 7.0.26 and PostgreSQL version 9.1.3.
  • Packaged with JRE 1.7 (private JRE, automatically bundled, installed and configured by the LUA installer).
  • Enhanced security with advanced features to protect the User Interface from certain attacks.
  • Added the ability to modify the LUA download directory path at any time (not just at install time).
  • Product Catalog will now automatically update to ensure catalog changes become available without any user...
Read more
Featured: New Trojan.Shylock wave
Brandon Noble | 28 Aug 2012 | 0 comments

We have been seeing a recent wave of Trojan.Shylock variants with a lot of additional functionality than the older versions we have been used to.

Initially, many of these variants are detected generically as Backdoor.Trojan or Trojan Horse, but our new Shylock heuristic signatures (Trojan.Shylock!gen6 and Trojan.Shylock!gen7) should be changing this to a more accurate naming convention, and should be picking up a much wider spread of these threats.

Additionally we are hearing about some behavior that we have not been able to reproduce. Reports are saying that legitimate documents are getting hidden and then shortcuts with the same name of the document are being added in their place. These shortcuts actually launch a thumbs.db(x) file which is the Shylock Trojan, and they are meant to trick the user into running the threat. This is common behavior of for threats, as noted in this blog article from May 2012,...

Read more
NTLM Vs DCI (A Comparison of Symantec Web Gateway Features)
OmerCh | 18 May 2013 | 0 comments

 

Background

Symantec Web Gateway is state of the art proxy and web filtering solution for corporate local area networks. It has the capability to authenticate end users and provide them secure web browsing experience as per organization’s policies and requirements.

SWG can use one of the 2 authentication mechanisms available in it named

-          Domain Controller Interface (DCI)

-          NTML Authentication

SWG can only use one of these methods at a time.

 

Comparison of NTLM authentication and DC Interface Mechanisms

NTLM and DC Interface provide different kinds of authentication mechanisms and have difference in functionality as well.

DC Interface

DCI works by integrating with domain controllers in an organization. In order to do so we need to install a small piece of software on domain...

Read more
AV engine update - May 21st 2013
pete_4u2002 | 17 May 2013 | 0 comments

Reference: http://www.symantec.com/business/support/index?page=content&id=TECH205767

Symantec will post update to the AV Engine in Multiple Daily Virus Definitions on Tuesday May 21st 2013.

Beginning with the Virus Definitions that include the update AV Engine version 20131.1, additional files will be added. That update is expected to post in MDD1 on Wednesday May 21st.

Symantec Endpoint Protection 12.1+ and Norton AntiVirus/Norton Internet Security 2011+ customers will see 4 new index files.  Symantec Endpoint Protection 11+ and Norton AntiVirus/Norton Internet Security 2007+ products will see 8 additional index files.

As a result of the additional files, the size of each dated definition folder will increase. Note the size increase noted below will be the size that is added to the dated definition folders as they exist...

Read more
Announcing the upcoming Symantec Messaing Gateway 10.5 for Service Providers Beta Evaluation
wib3rd | 15 May 2013 | 0 comments

Symantec Messaging Gateway 10.5 for Service Providers (Software Edition)
Formally known as Symantec Brightmail Message Filter
Pre-release Evaluation

 

On June 25th, 2013 Symantec will be launching the pre-release evaluation of Symantec Messaging Gateway 10.5 for Service Providers. This new version of Symantec Messaging Gateway for Service Providers (Software Edition) plans to introduce new features including.

 

  • Name change from Symantec Brightmail Message Filter to Symantec Messaging Gateway for Service Providers
  • Block more Spam and Malware with Expanded Threat URL Reputation and Customer Specific Rules creation capabilities
  • Submit missed Spam and False Positive Emails with new CLI Message Submission process
  • Block Marketing and Newsletter Messages with newly available dispositions
  • Enhanced management of Unscannable Messages

 

The Symantec Enterprise...

Read more
Announcing the upcoming Symantec Messaging Gateway 10.5 Beta Evaluation
wib3rd | 15 May 2013 | 0 comments

Symantec Messaging Gateway 10.5 Pre-release Evaluation

 

On June 25th, 2013 Symantec will be launching the pre-release evaluation of Symantec Messaging Gateway 10.5. This new version of Symantec Messaging Gateway plans to introduce new features including.

 

  • Remove Zero Day Malware and Targeted Attacks from Office and PDF attachments with new “Disarm” technology.
  • Block more Spam and Malware with Expanded Threat URL Reputation
  • Simplify management with LDAP Authenticated Administration
  • Enhanced management of Unscannable Messages
  • Communicate securely with trusted partners using enforced inbound TLS encryption
  • Increase security with TLS encrypted delivery to Symantec DLP
  • Control Spam attacks and message volume from inside the your environment with Outbound Sender Throttling Capability
  • Deploy using new Hyper-V support

 

The Symantec ...

Read more
Running SERT on older Pentium 4 systems
Wally | 14 May 2013 | 1 comment

Hello all - I just want to share this information with you.  It worked for me, but no guarantees...

We have a couple of older P4 systems (XP SP3 32-bit) with the Intel 865PE chipset and ICH5 controller.   We couldn't boot from the SERT CD on these systems - got a boot error 5 - probably has something to do with the older chipset and WinPE.

So, here's what we did to boot from a USB memory stick

First follow the instructions in TECH131578 -

http://www.symantec.com/business/support/index?page=content&id=TECH131578&profileURL=https%3A%2F%2Fsymaccount-profile.symantec.com%2FSSO%2Findex.jsp%3FssoID%3D1367256265628krhzFurGC64N88iGa5T5a6LD1sSGJF28647W0

with the following exception in Step 6....

Read more
Threat Landscape Evolves, Attacks More SMBs in 2012
Swathi Turlapaty | 13 May 2013 | 0 comments

Over the last year, the threat landscape has radically changed as cyber criminals diligently find new ways to attack encrypted data through various channels.  The annual Symantec Internet Security Threat Report (ISTR) revealed that Web-based attacks increased 30% in 2012. Surprisingly though, is that a majority of those attacks targeted small business with less than 2,500 employees, proving that no matter what size your business is, it’s vulnerable to potential attacks. Other results from the ISTR indicated a rise in targeted attacks, sub-standard website security increases risk, mobile malware is a growing concern, and that new tactics, like ransomware, will continue to evolve. To read more about the ISTR findings and learn how to better protect your small business from malicious attacks, follow this link: http://bit.ly/14QmmJ6     

Read more
SSIM centralized event monitoring and unbeatable part of ISMS
Milan_T | 09 May 2013 | 0 comments

IT is tagged as a burden on business with huge annual expenses.

On the other hand businesses today face a considerable challenge to deliver ever-improving service levels to meet and exceed the expectations of their business users for service quality, availability, and security while optimizing resources and operations costs to manage and maintain the IT infrastructure. Monitoring and managing these increasingly complex infrastructures is a growing problem.

IT professional’s main challenge is to secure the increasingly time-intensive task of infrastructure and device management, increasing the overall availability of network resources to support broader use of converged technologies.

About ISMS:

Information Security Management System (ISMS) can foster efficient security cost management, compliance with laws and regulations, and a comfortable level of interoperability due to a common set of guidelines...

Read more
Cyber Security Trends and Threats
tiffany_jones | 03 May 2013 | 0 comments

Recently, I had the opportunity to speak to an esteemed group of people at the Fordham Law Center on National Security.  My topic revolved around the latest Cyber Security Trends and Threats, relying on stats from Symantec's latest Internet Security Threat Report (just released last month).  The link to the report is here: http://www.symantec.com/security_response/publications/threatreport.jsp

Areas of discussion included the rise in highly targeted attacks, increased threat to small businesses, ransom ware, and the Elderwood Project. Attendees ranged from venture capitalists, law firm partners, law enforcement officials, business consultants, policy analysts, among others.  This was a great opportunity to raise awareness about the importance of cybersecurity and stress the importance of "shared responsibility".  We each have a role to play...

Read more