Security Community Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Christopher Johnson | 16 Sep 2014 | 0 comments

On September 15, 2014, Symantec issued a SONAR release via Live Update definitions, which erroneously detected some low-prevalence files as malicious. The false positive was reported as a SONAR.SuspLaunch detection.

Symantec discovered the issue and had a rollback release available to the field within forty-five minutes. But unfortunately some customers were affected by the issue. All customers with current SONAR definitions will not be affected by the issue. The problem has been corrected.

Symantec is currently addressing the internal factors that caused the problem and will make the proper changes to ensure we do not repeat this issue.

Srikanth_Subra | 10 Sep 2014 | 0 comments

On Tuesday, versions of Internet Explorer began blocking out-of-date ActiveX controls – primarily as a way of preventing security flaws from being exploited and users from being compromised.

The feature, which was discussed by Microsoft in August, works with Internet Explorer 8 through Internet Explorer 11 on Windows 7 SP1 and up, as well as on Windows Server 2008 R2 SP1 and up, according to a post, which adds it is active in all Security Zones except the Local Intranet Zone and the Trusted Sites Zone.

A notification bar in Internet Explorer will let users know when the browser is blocking an outdated ActiveX control, and will offer the option to update, the post indicates, adding that users can interact with parts of the webpage not impacted by the ActiveX control.

The company stated that Internet Explorer...

Kari Ann | 09 Sep 2014 | 0 comments

The best part of my job is when I get to talk to customers using Symantec Endpoint Protection. Like a moth to the flame, I’m curious about how our customers actually use the product, what they love about it, or what drives them a little crazy. Lately, I’ve peppered most conversations with two simple questions: 

1) Are you ready for the upcoming SEP 11 EOSL with up-to-date software? 

2) Are you aware of, and using, the full protection stack in SEP 12.1 (beyond Antivirus)?

In most cases, the answer to one or both questions is a variation of “nope.” Since I can’t talk to EVERY customer, we’re inviting you to take 5 minutes to conduct a Security Self-Assessment and share a few FREE resources that you may not be aware of, to help you maximize your security investment in Endpoint Protection. 

...

khaley | 27 Aug 2014 | 0 comments

The healthcare industry has for years been the number one industry in reported data breaches. But this dubious honor has been driven in some part because healthcare has the most stringent reporting requirements of any industry. In other words, unlike other industries, they have to report a data loss. If every industry had the same reporting requirements, things might look quite different.

Additionally, while healthcare has had the largest number of reported breaches, it has one of the lowest percentages of actual records lost. Healthcare has more breaches than other industries, but each loss on average is quite small.

In 2013, according to Symantec’s Internet Security Threat Report (ISTR), 78% of all breaches in healthcare were because of theft or loss of a device or because the data was accidentally made public. These are preventable breaches...

Chetan Savade | 27 Aug 2014 | 5 comments

Updated: 22nd September 2014

This blog contains all the versions of SEP and SEPM (Symantec Endpoint Protection Manager) which were released since the first version of SEP in Sep 2007.

It contains the Enterprise Editions (EE) and Small Business Editions (SBE).

RTM - Release To Manufacturing

MR - Maintenance Release (replaced by RU)

RU - Release Update

MP - Maintenance Pack

PP - Point Pack

 

SEP Enterprise Edition/Small Business Edition 12.1.x

Note: SEP 12.1 Enterprise Edition & Small Business Edition have the same version code and product name.

Name | Version | Release date (English)
RTM | 12.1.671.4971 | Jul...

Kari Ann | 21 Aug 2014 | 1 comment

Demand for cyber-security professionals is growing twice as fast as other IT jobs, according to the report by Burning Glass, and the availability of necessary skills appears to be “outstripping supply.” Given the complex and competitive environment, how do cyber-security professionals keep up with the expertise required to move endpoints “beyond antivirus” in today’s digital age? 

Complex threats and internal challenges require focus on building an architecture with efficiency and effectiveness. A solid endpoint security architecture underpins every foundation from the small business to even the most complex enterprise.

With constrained resources, is it possible to improve your security architecture without spending another cent? 

The simplest place to start is with Symantec’s...

Kari Ann | 07 Aug 2014 | 4 comments

The prevalence of zero-day vulnerabilities hit close to home this week when a North American penetration tester published a report claiming they had found a vulnerability in Symantec Endpoint Protection. The reality of Symantec’s ISTR vol. 19 seeing a 64%* increase in zero-day discoveries last year came alive as the Endpoint Protection product team reacted quickly to confirm and respond to the risk with a patch (available on FileConnect).

To date, no known compromise has been reported due to this medium severity vulnerability. The issue affects the Application and Device Control component of Symantec Endpoint Protection. If exploited, it could result in a client crash, denial of service or, if successful, escalate to admin privileges and gain control of the system.

It’s important to note that the vulnerability is not...

Brandon Noble | 01 Aug 2014 | 0 comments

Security Response is aware of an alert from US-CERT regarding a threat they are calling Backoff. This threat family is reported to target Point of Sale machines with the purpose of logging keystrokes and scraping memory for data (like credit card info) and then exfiltrating the data to the attacker.

Symantec Security Response is currently investigating this threat family and is working to obtain samples that were mentioned in the IOC section of the CERT alert. All detections for threat files have been, or will be, mapped to: Trojan.Backoff

Detection information:
AV:      Trojan.Backoff – available in RR def 20140731.025 (156267)
IPS:   ...

SebastianZ | 17 Jul 2014 | 0 comments

The following Security Bulletins have been released in July 2014:

 

Microsoft

Microsoft Security Bulletin Summary for July 2014

https://technet.microsoft.com/library/security/ms14-jul

Symantec product detections for Microsoft monthly Security Advisories - July 2014

http://www.symantec.com/docs/TECH146537

 

MS14-037 | Cumulative Security Update for Internet Explorer (2975687) | Critical | Remote Code Execution
MS14-038 | Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) | ...

SebastianZ | 14 Jul 2014 | 0 comments

The newest version of LiveUpdate Administrator (LUA) - 2.3.3 has been released.

The version can be downloaded from here: http://www.symantec.com/docs/TECH134809

 

What's new in LiveUpdate Administrator 2.3.3

  • System requirements:

You can upgrade from 2.2.2.9 through 2.3.2 to 2.3.3. LiveUpdate is packaged with Apache Tomcat version 7.0.54 and PostgreSQL version 9.3.1. See “System requirements for LiveUpdate Administrator” on page 6.

  • Installation changes

When you install LiveUpdate Administrator, the installation folder, temporary folder, and download folder cannot be empty. Also, the root drive (such as C:\ or D:\) must use a subfolder that does not contain other files. The subfolder should use a local path, as network paths are not allowed.

...