Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts tagged with Endpoint Protection Small Business Edition 12.x
Showing posts in English
Mithun Sanghavi | 01 Nov 2012 | 3 comments

 

The Latest version of LiveUpdate Administrator (LUA) version 2.3.2 is now available.

Contact Symantec Technical Support to grab the Latest Copy of LiveUpdate Administrator (LUA) version 2.3.2

The installation file (147.35 MB) and will later be included on the SEP 12.1 RU2 DVD’s (SEP 12.1 RU2 is yet to be released)

Some of the features included in this release

  • Packaged with Apache Tomcat version 7.0.26 and PostgreSQL version 9.1.3.
  • Packaged with JRE 1.7 (private JRE, automatically bundled, installed and configured by the LUA installer).
  • Enhanced security with advanced features to protect the User Interface from certain attacks.
  • Added the ability to modify the LUA download directory path at any time (not just at install time).
  • Product Catalog will now automatically update to ensure catalog changes become available without any user...
Brandon Noble | 28 Aug 2012 | 0 comments

We have been seeing a recent wave of Trojan.Shylock variants with a lot of additional functionality than the older versions we have been used to.

Initially, many of these variants are detected generically as Backdoor.Trojan or Trojan Horse, but our new Shylock heuristic signatures (Trojan.Shylock!gen6 and Trojan.Shylock!gen7) should be changing this to a more accurate naming convention, and should be picking up a much wider spread of these threats.

Additionally we are hearing about some behavior that we have not been able to reproduce. Reports are saying that legitimate documents are getting hidden and then shortcuts with the same name of the document are being added in their place. These shortcuts actually launch a thumbs.db(x) file which is the Shylock Trojan, and they are meant to trick the user into running the threat. This is common behavior of for threats, as noted in this blog article from May 2012,...

Wally | 14 May 2013 | 1 comment

Hello all - I just want to share this information with you.  It worked for me, but no guarantees...

We have a couple of older P4 systems (XP SP3 32-bit) with the Intel 865PE chipset and ICH5 controller.   We couldn't boot from the SERT CD on these systems - got a boot error 5 - probably has something to do with the older chipset and WinPE.

So, here's what we did to boot from a USB memory stick

First follow the instructions in TECH131578 -

http://www.symantec.com/business/support/index?page=content&id=TECH131578&profileURL=https%3A%2F%2Fsymaccount-profile.symantec.com%2FSSO%2Findex.jsp%3FssoID%3D1367256265628krhzFurGC64N88iGa5T5a6LD1sSGJF28647W0

with the following exception in Step 6....

Brandon Noble | 25 Apr 2013 | 2 comments

I. BACKGROUND:
We have been receiving a few scattered cases of outbreaks from a file labeled snkb00ptz.exe or snkb0ptz.exe, but it seems to be on the rise.

It's normally considered poor troubleshooting to use the file name for any type of identification of a threat, but recent examples have made this practical. Even though these files were detected as many different threat names and families (Trojan.gen, w32.IRCBot.NG, Downloader, etc), the cases all reported the same behavior and symptoms.

After some additional investigation, Symantec Security Response has broken out detection for W32.Inabot. That's short for the Insomnia IRC bot. More information is available from the makers of this threat in their manual, here: http://pastebin.com/dvpu8Zwb

For those of you familiar with W32.Changeup, much of this...

Mithun Sanghavi | 09 Apr 2013 | 23 comments

 

Hello,

Symantec Endpoint Protection 12.1. RU2 MP1 is Released Today as on 8th April 2013.

You may find the Latest Release of Symantec Endpoint Protection 12.1.RU2 from: https://fileconnect.symantec.com/

SEP 12.1.2_MP1.JPG

 

This build's version is: 12.1.2100.2093.

Migration paths

Symantec Endpoint Protection 12.1.2100.2093 (RU2 MP1) can migrate seamlessly over the following:

  • Symantec Endpoint Protection 12.1.2015.2015 (RU2)

This Symantec Release build contains:

  • 18 top impacting fixes.
  • 25 internal defect fixes
  • Security updates for JRE
     

KnowledgeBase Articles:

Release Notes and...

Kari Ann | 31 Mar 2013 | 2 comments

Survey Closed. Thank you to all those that participated. We'll be drawing the Amazon gift card winner next week. 

The Symantec Endpoint Protection Team is conducting customer research through a simple survey. In less than 2 minutes, share your thoughts on SEP 11 verses SEP 12, hepful resources, and provide the product team perspective on your IT security challenges. 

To thank you for your time, we'll award you 25 Symconnect points and enter you for a drawing for a $100 Amazon gift card, awarded in April 2013.

Seyad | 25 Feb 2013 | 0 comments
If the 12.1 client istallation fails, look for the keyword "startrollback.sis" in the SIS_INST.LOG.

The reason for the failure of the installation would be last action performed before the rollback started and it would be found in the lines just above the result found for the keyword searched.

Example: In this example the installation failed as the start menu shortcut couldn't be created.
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2013-02-18T00:54:32.074Z INFO  I SIS    Executing action ( 294 ) - CreateService  currentPosition: 138348
2013-02-18T00:54:32.074Z DEBUG I SIS      [CreateServiceBase] Validated service name.
2013-02-18T00:54:32.074Z DEBUG I SIS      [CreateServiceBase]...

Vikram Kumar-SAV to SEP | 05 Feb 2013 | 0 comments

 

Symantec keeps tab on the changing Threat Landscape and incorporates relevant security on its products.Same is the story with SAV to SEP to now SEP 12..

When we had SAV in the market what our customer needed was just a Antivirus to protect their system from downtime..here antivirus was looked more as a Availability facilitator than a core security product..till early 2000.

Even though we had SCS (firewall and IPS) seclected people used the other features.

Starting from 2006-2007 that was a high rise in malware being created and vulnerabilities being exploited..slowly the trend changed and it all came down to money making malwares..

FakeAntivirus, Downadup, Various Blackmailing Trojans etc..here the audience was not high profile..and SEP 11 very well detect and blocks and does whatever it can..Slowly people started using IPS, ADC and found much more can be done with SEP and they are doing it..

However in last few years there has been...

SebastianZ | 02 Feb 2013 | 0 comments

A small compilation from the Symantec Portfolio including Data Sheets of several Symantec Security Products.

 

- Symantec™ Endpoint Protection 12.1.2 (10/12)
http://www.symantec.com/endpoint-protection/data-s...

- Symantec Endpoint Protection Small Business Edition 2013 (11/12)
http://www.symantec.com/endpoint-protection-small-...

- Symantec™ Protection Suite Enterprise Edition - Comprehensive, powerful endpoint, messaging, and Web protection, for less
money (06/11)
...

Brandon Noble | 17 May 2013 | 12 comments

I. BACKGROUND:
In mid-2009, W32.Changeup, was first discovered on systems around the world. Over the last few years, Symantec Security Response has profiled this threat, explained why it spreads, and shown how it was created.  Since November 2012 we have seen weekly spikes the number of W32.Changeup detections and infections. The increase in detections is a result of a renewed W32.Changeup campaign now active and in-the-wild.

 

II. THREAT DETAILS:
When a system is compromised, W32.Changeup may install additional malware. These secondary threats have the ability to download even...