Security Community Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Showing posts in English
Brandon Noble | 30 Aug 2012 | 7 comments

Greetings everyone.

We are still getting a lot of questions about Symantec's coverage of the most recent Java 0-Day. I thought I would take a moment to jot down a list of our current coverage for this event, and hopefully save everyone some time and hassle.

Current Coverage:

  • ...
Brandon Noble | 23 Aug 2012 | 0 comments

We have been seeing a recent wave of Trojan.Shylock variants with a lot more functionality than the older versions we have been used to.

Initially, many of these variants are detected generically as Backdoor.Trojan or Trojan Horse, but our new Shylock heuristic signatures (Trojan.Shylock!gen6 and Trojan.Shylock!gen7) should be changing this to a more accurate naming convention, and should be picking up a much wider spread of these threats.

Additionally, we are hearing about some behavior that we have not been able to reproduce. Reports are saying that legitimate documents are getting hidden and then shortcuts with the same name as the document are being added in their place. These shortcuts actually launch a thumbs.db(x) file which is the Shylock Trojan, and they are meant to trick the user into running the threat. This is common behavior for threats, as noted in this blog article from May 2012,...

ABN | 22 Aug 2012 | 1 comment

Hello Gents,

We normally do come across the scenario of LiveUpdate affecting our usual work as a Symantec administrator. Scenarios like:

  1. Clients do not have the ability to launch LiveUpdate even though policy has been set to do so. Or vice versa.
  2. Low disk space causing SEP not to update on critical servers. Definitions are stored only on the OS drive, where space is a major concern.

 

By default the SEP definitions will be stored in the Operating System drive even if we install it in a different partition.

With the following process we can configure the LiveUpdate settings, the number of revisions that are kept on the SEP (client), and also change the location where they are stored.

 

I )   To enable Liveupdate on the SEP.

    From SEPM:

    http...

Mohammad Altaf Khan | 15 Aug 2012 | 1 comment

 

(Reuters) - Saudi Arabian Oil Co (Saudi Aramco) SDABO.UL said its computer systems had been shut down by a virus late on Wednesday, but it added that production had not been affected.

"An official source of Saudi Aramco confirmed that it had isolated electronic systems for the entire company today and cut off external access as an early precaution," said a statement in Arabic from the company.

The world's biggest oil company said that although the virus affected some computers, it did not penetrate key components of the network, which it said would return to normal operating mode soon.

"The source ... reiterated the lack of any effect at all on the work of production due to the strength of advanced protection systems," the statement added.

Rumours had spread among traders earlier on Wednesday that the state-owned company had been subjected to a hacking attack.

(Reporting By Reem Shamseddine and Angus McDowall...

Jhildy11 Xcend Group | 14 Aug 2012 | 0 comments

In case you missed it, see the archived version from last week's webinar "Learn How to Protect Even Your Hardest-to-Find IP with Intelligent Data Loss Prevention"

With the average cost of a breach now topping an incomprehensible $7 million, more and more organizations are looking to Data Loss Prevention solutions to protect their highest value data. Join XCEND, a Platinum Symantec partner and DLP Master Specialist, to learn how you can accurately detect and protect all types of confidential data wherever it is stored or used. (54 min)
 
Here's the Link to see the Archived Version: https://www2.gotomeeting.com/register/430279362 or go to our website at www.xcendgroup.com  to...
Mark Alba | 26 Jun 2012 | 0 comments

End-user computing environments evolve continually, leading to increasingly mobile users that require access to their data and applications anytime from anywhere. Virtual Desktops are hence a critical component in delivering data and applications to any device, anywhere and anytime.  Such virtual access is often misconstrued to be an easy and manageable solution, while in reality, it is IT’s worst nightmare.  Virtual access to thousands of users brings security and manageability challenges.

Symantec and VMware’s partnership combines the industry leading solutions from both organizations to deliver secure and easy-to-manage virtual desktops.  This solution will provide enterprises and IT service providers with a cost-effective way of leveraging on-premise VDI with the efficiencies and scalability of cloud computing.

Symantec’s award-winning security and management solutions integrate with VMware View to enable organizations to embrace the...

Eileen | 21 Jun 2012 | 0 comments

Watch this video to hear what SMB customers are saying about SEP 12 as it relates to Kaspersky.

 

 

Symantec Corp. | 21 Jun 2012 | 0 comments

The Symantec Endpoint Protection and Mobility Group (EMG) includes three product families with a total of 30 products. Identifying problems and improving the customer experience in such a large organization is difficult and complicated. This case study shows how EMG uses customer feedback to help it find and fix problems and significantly improve the overall customer experience with all of its product offerings.

A major release of Symantec Endpoint Protection (SEP) was launched last year to excellent reviews. SEP product managers can point to several reasons why it was so successful, but one stands out. “We put a tremendous amount of resources into the new version,” said an SEP Product Manager, “but the improvements were based on customer feedback. We couldn’t have done it without their help.” Each quarter, the Endpoint Protection and Mobility Group (EMG), which includes Symantec’s core security product groups, receives 3,000 to...

riva11 | 07 Jun 2012 | 0 comments

Here is an interesting article based on a Cambridge University study: In which languages are internet passwords easiest to crack?

DESPITE entreaties not to, many people choose rather predictable passwords to protect themselves online. "12345"; "password"; and the like are easy to remember but also easy for attackers to guess, especially with programs that automate the process using lists ("dictionaries") of common choices. Cambridge University computer scientist Joseph Bonneau has recently published an analysis of the passwords chosen by almost 70m (anonymised) Yahoo! users. One interesting result is shown below. The chart shows what percentage of accounts could be cracked after 1,000 attempts using such a dictionary. Amateur linguists can have fun speculating on why the Chinese do so well and...

BJT | 04 Jun 2012 | 0 comments

At this time, Flamer seems to have targeted only a few hundred organizations and individuals located in a small segment of the globe. But make no mistake: Flamer is important worldwide. The complexity of the code within Flamer is on par with that seen in Stuxnet, arguably the most complex piece of malware Symantec has analyzed to date. However, the mission of Flamer is much different from that of Stuxnet, which was designed to deliver a payload that disrupted the systems it was targeted toward. Symantec and others’ research indicates that Flamer, as of this moment, is purely focused on capture and exfiltration of sensitive information.
   
The good news for our public sector customers is that Symantec has protections in place to detect this threat (W32.Flamer). Specifically, we have:

  • AntiVirus, AntiSpyware, IPS component, Symantec Insight, and Heuristics detection and conviction measures in Symantec Protection Suite...