Security Community Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Wui Wui Yu | 03 Jun 2014 | 0 comments

On 28 May 2014, 56 security professionals from the public and private sectors took up the Cyber Readiness Challenge in Malaysia.

The exciting four-hour interactive competition to capture the most flags provides a rare opportunity for the participants to put their security knowledge in action, sharpen their skills and compete against their peers through a cyber game.

Here are some photos of the participants in action during the intense competition:

The inaugural competition in Malaysia is designed for all levels of technical expertise and puts participants in the role of a cyber attacker seeking to infiltrate and exploit an organisation. It consists of a five-step Advanced Persistent Threat (APT) scenario which includes reconnaissance, incursion, discovery, capture and exfiltration.

"The competition helps participants to understand the...

The Conquistador | 22 May 2014 | 0 comments

Every now and then I come across infections that are not picked up by SEP, or they happen to be picked up by SEP, but they only register "newly infected" or "Still infected".
The worst thing about these types of infections is there is not much on the surface. Some malware will stand out at you and pretty much tell you, "HEY YOU ARE INFECTED" by running its own "level of protection". This will prevent you from running other programs or even accessing the internet to get files that can be beneficial in cleaning out this mess.

I have noticed that whenever things like this occur, I have to either google and/or download different parts of programs even though I already have an AV Program installed. One of the things I do is download MalwareBytes Anti Malware and the Norton Power Eraser. These have been the two most powerful tools I have had in cleaning up infected files.
Once run, I am able to make great progress and get a PC/Server back on track....

Chetan Savade | 21 May 2014 | 1 comment

Hi,

PowerShell script to validate that all machines in your OU have Symantec Endpoint Protection (SEP) anti-virus client installed and started. Generates a color-coded Excel report highlighting problematic nodes.

Refer to this link and download the script from here: http://gallery.technet.microsoft.com/scriptcenter/Symantec-Endpoint-8e47c450

Reference link: http://www.reddit.com/r/sysadmin/comments/25mtye/finding_symantec_endpoint_clients_on_network/

Note: This method is not supported by Symantec. Symantec recommends using the unmanaged detector.

riva11 | 24 Apr 2014 | 0 comments

Keeping your web browser up to date is very important for your own safety and security, but also it is important to install the latest add-ons whenever new versions become available.

 

What is a plugin?

  • Plugins power videos, animation and games
  • They're built outside of Firefox by companies like Adobe Systems and Apple
  • Plugins don't always update automatically.

 

Why should I update my plugins?

  • Old plugins can interrupt browsing and waste your time.
  • Old plugins increase your risk for attack by malware, viruses, and other security threats.
  • Updated plugins have improvements that make the web better and safer for you.

 

A simple way to check whether you are always running the latest plug-ins is to visit the Mozilla Plugin Check...

BalaP | 17 Apr 2014 | 0 comments

Symantec has released Endpoint Protection 12.1.4.1a (12.1.4.4130).

This release resolves the Heartbleed OpenSSL vulnerability.

http://www.symantec.com/docs/AL1555

Chetan Savade | 17 Apr 2014 | 26 comments

Hello Everyone,

Symantec Endpoint Protection 12.1 Release Update 4 Maintenance Patch 1A (12.1.4104.4130 - 12.1 RU4 MP1a) English has been released and is now available for customers to download on FlexNet. This new SEPM release addresses the OpenSSL “Heart Bleed” vulnerability. Additional language versions will become available throughout the week.

Please refer to the following KB article for additional detail:

Is Symantec Endpoint Protection affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)

  • The new SEPM build is labeled RU4 MP1a with a version number of 12.1.4104.4130.
  • This version of the SEPM is supported for migrations over any version of the SEPM (Customer does not need to update to RU4 prior to applying the MP1a)
  • The only...

SebastianZ | 14 Apr 2014 | 0 comments

Symantec Product Security has posted SYM14-005 Symantec LiveUpdate Administrator Unauthenticated/Unauthorized Account Access Modification and SQL injections advisory. This is a high severity advisory which affects LiveUpdate Administrator 2.3.2.99 and earlier. As part of normal best practices, Symantec strongly recommends keeping all operating systems and applications updated with the latest vendor patches.

Affected Products

...

Product | Version | Build | Solution(s)
Symantec LiveUpdate Administrator | 2.x | 2.3.2 and prior | Upgrade to LUA 2.3.2.110

Wally | 08 Apr 2014 | 0 comments

In addition to the steps to follow in HOWTO54944 Licensing an unmanaged client, after the .slf file is placed in the client's inbox as described in the HOWTO article, check the client's system log.

In the client's UI - VIEW LOGS>Client Management Log>System Log.  An entry appears that states "The client has successfully applied a license file (nnnnnnnn) from the inbox.", where nnnnnnnn is the name of the license file.

Some time after the license file is applied, another entry appears - "[Client authentication token request} Information submitted to Symantec]  Size bytes (nnn)" where nnn is the length of the CAT request.

If a valid license is not present, the CAT request will fail.

Muad'Dib | 03 Apr 2014 | 0 comments

I ran into an issue changing the Installed Feature set on clients and I wanted to share my solution.

I was following the below tech article on how to add or remove features:

http://www.symantec.com/docs/TECH90936

What was happening is that when the client received the new Install Package with the updated feature set, the client would never update its installed features.

For example, if I had a client group which was installed without the Firewall feature, but then I wanted to add the Firewall feature, it would not install.

After tons of searching around I found the following VERY helpful post:

https://www-secure.symantec.com/connect/forums/remove-sep-components-update-content

My situation was very similar. If the client was upgrading versions (for example from 12.1 RU3 to 12.1...

Chetan Savade | 03 Apr 2014 | 70 comments

Hello Everyone,

Symantec Endpoint Protection 12 RU4 MP1 is released.

This build's version is: 12.1.4100.4126

What's new in this release:

Extended upgrade support

  • Unlike most maintenance patch releases, you can upgrade any version of Symantec Endpoint Protection directly to 12.1.4.1. Unsupported downgrade paths still apply.

Expanded operating system support

  • The Symantec Endpoint Protection (SEP) client is now supported on Windows To Go (Windows 8.1 Enterprise).
  • Symantec Endpoint Protection Manager (SEPM), the SEP client, and the Symantec Network Access Control client are now supported on Windows 8.1 Update 1.
  • SEPM, the SEP client, and the Symantec Network Access Control client are now supported on Windows Server 2012 R2 Update 1.

Note: If in case you do not see the SEP 12 RU4 MP1 Release on...