Video Screencast Help
Security Community Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Showing posts in English
Mithun Sanghavi | 02 Oct 2012 | 4 comments

 

The Latest version of LiveUpdate Administrator (LUA) version 2.3.2 is now available.

Contact Symantec Technical Support to grab the Latest Copy of LiveUpdate Administrator (LUA) version 2.3.2

The installation file (147.35 MB) and will later be included on the SEP 12.1 RU2 DVD’s (SEP 12.1 RU2 is yet to be released)

Some of the features included in this release

  • Packaged with Apache Tomcat version 7.0.26 and PostgreSQL version 9.1.3.
  • Packaged with JRE 1.7 (private JRE, automatically bundled, installed and configured by the LUA installer).
  • Enhanced security with advanced features to protect the User Interface from certain attacks.
  • Added the ability to modify the LUA download directory path at any time (not just at install time).
  • Product Catalog will now automatically update to ensure catalog changes become available without any user...
Brandon Noble | 23 Aug 2012 | 0 comments

We have been seeing a recent wave of Trojan.Shylock variants with a lot of additional functionality than the older versions we have been used to.

Initially, many of these variants are detected generically as Backdoor.Trojan or Trojan Horse, but our new Shylock heuristic signatures (Trojan.Shylock!gen6 and Trojan.Shylock!gen7) should be changing this to a more accurate naming convention, and should be picking up a much wider spread of these threats.

Additionally we are hearing about some behavior that we have not been able to reproduce. Reports are saying that legitimate documents are getting hidden and then shortcuts with the same name of the document are being added in their place. These shortcuts actually launch a thumbs.db(x) file which is the Shylock Trojan, and they are meant to trick the user into running the threat. This is common behavior of for threats, as noted in this blog article from May 2012,...

SebastianZ | 17 Jul 2014 | 0 comments

Following Security Bulletins have been released in July 2014:

 

Microsoft

Microsoft Security Bulletin Summary for July 2014

https://technet.microsoft.com/library/security/ms14-jul

Symantec product detections for Microsoft monthly Security Advisories - July 2014

http://www.symantec.com/docs/TECH146537

 

MS14-037

Cumulative Security Update for Internet Explorer (2975687)

Critical 

Remote Code Execution

MS14-038

Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689)

...
SebastianZ | 14 Jul 2014 | 0 comments

The newest version of LiveUpdate Administrator (LUA) - 2.3.3 has been released.

The version can be downloaded from here: http://www.symantec.com/docs/TECH134809

 

What's new in LiveUpdate Administrator 2.3.3

  • System requirements:

You can upgrade from 2.2.2.9 through 2.3.2 to 2.3.3.LiveUpdate is packaged with Apache Tomcat version 7.0.54 and PostgreSQL version 9.3.1. See “System requirements for LiveUpdate Administrator” on page 6.

  • Installation changes

When you install LiveUpdate Administrator, the installation folder, temporary folder, and download folder cannot be empty. Also, the root drive (such as C:\ or D:\) must use a subfolder that does not contain other files. The subfolder should use a local path, as network paths are not allowed.

...
ryanschoenherr | 08 Jul 2014 | 0 comments

Need complete visibility into your environment?  Do you find yourself reactive to breaches or always behind intrusions?  MetriX dashboards can provide complete visibility into your security environment and give you the power to be proactive!

 

Check out MetriXdashboards for more information and ways to utilize MetriX to increase your efficiency.

 

EP dashboard.png

DLP dashboard.png

 

For more information or to schedule a demo please contact:

Ryan Schoenherr

810-877-1743

...

Wui Wui Yu | 03 Jun 2014 | 0 comments

On 28 May 2014, 56 security professionals from the public and private sectors took up the Cyber Readiness Challenge in Malaysia.

The exciting four-hour interactive competition to capture the most flags provides a rare opportunity for the participants to put their security knowledge in action, sharpen their skills and compete against their peers through a cyber game.

Here are some photos of the participants in action during the intense competition:

CRC Malaysia - 1.png

The inaugural competition in Malaysia is designed for all levels of technical expertise and puts participants in the role of a cyber attacker seeking to infiltrate and exploit an organisation. It consists of a five-step Advanced Persistent Threat (APT) scenario which include reconnaissance, incursion, discovery, capture and exfiltration.

"The competition helps participants to understand the...

The Conquistador | 22 May 2014 | 0 comments

Every now and then I come across infections that are not picked up by SEP, or they happen to be picked up by SEP, but they only register "newly infected" or "Still infected"
The worst thing about these types of infections is there is not much on the surface. Some malware will stand out at you and pretty much tell you, "HEY YOU ARE INFECTED" by running it's own "level of protection" This will prevent you from running other programs or even accessing the internet to get files that can be beneficial in cleaning out this mess.

I have noticed that whenever things like this occur, I have to either google and/or download different parts of programs even though I already have an AV Program installed. One of the things I do is download MalwareBytes Anti Malware and the Norton Power eraser. These have been the two most powerful tools I have had in cleaning up infected files.
Once run, I am able to make great progress and get a PC/Server back on track....

Chetan Savade | 21 May 2014 | 1 comment

Hi,

PowerShell script to validate that all machines in your OU have Symantec Endpoint Protection (SEP) anti-virus client installed and started. Generates a color-coded Excel report highlighting problematic nodes.

Refer this link and download the script from here: http://gallery.technet.microsoft.com/scriptcenter/Symantec-Endpoint-8e47c450

Reference link: http://www.reddit.com/r/sysadmin/comments/25mtye/finding_symantec_endpoint_clients_on_network/

Note: This method is not supported by Symantec. Symantec recommends to use unmanaged detector.

riva11 | 24 Apr 2014 | 0 comments

Keeping your web browser up to date is very important for your own safety and security, but also it is important to install the latest add-ons whenever new versions become available.

 

What is a plugin?

  • Plugins power videos, animation and games
  • They're built outside of Firefox by companies like Adobe Systems and Apple
  • Plugins don't always update automatically.

 

Why should I update my plugins?

  • Old plugins can interrupt browsing and waste your time.
  • Old plugins increase your risk for attack by malware, viruses, and other security threats.
  • Updated plugins have improvements that make the web better and safer for you.

 

A simple way to check if you always have running the latest plug-ins is visit the Mozilla Plugin Check...

BalaP | 17 Apr 2014 | 0 comments

Symantec has released Endpoint Protection 12.1.4.1a (12.1.4.4130).

This release resolves the Heartbleed OpenSSL vulnerability

http://www.symantec.com/docs/AL1555