Greetings everyone.

We are still getting a lot of questions about Symantec's coverage of the most recent Java 0-Day. I thought I would take a moment to jot down a list of our current coverage for this event, and hopefully save everyone some time and hassle.

Current Coverage:

• 24063 - Web Attack: Malicious Java Download 3
  Created prior to the advent of the 0day being used in the wild. This was detecting the Metasploit Exploit Module released for the exploit.

• 25826 - Web Attack: Blackhole Toolkit Website 30
  Also created prior to the 0 Day. This detects BlackHole Toolkits trying to make use of the new vuln as well.

• ...

Augmented by broadband penetration smaller and emerging cities of India are exploring opportunities offered by the virtual world. This group of connected people and businesses has reached critical mass and is lucrative enough to be targeted by cyber criminals.

Indian Cities such as Bhubaneshwar, Surat, Cochin, Jaipur, Vishakhapatnam and Indore are increasingly facing the risk of cyber attacks, with one in four bot- infections in India reported in such cities, reveals India findings of Symantec Internet Security Threat Report, Volume (ISTR) 17. Also, some cities that repeatedly appear in the list for origin of phishing in India - Ahmedabad,  Nashik and Coimbatore also figure in the list of bot-infections.  Botnets are networks of zombie machines that are used to perform sophisticated attacks  and conduct coordinated attacks. The presence of bot-infected computers in these locations indicates that they are being inducted as part of a network of compromised...

Hello Everyone,

Auto-Protect includes a feature that is called Download Insight, which examines the files that users try to download through Web browsers, text messaging clients, and other portals.

Supported portals include Internet Explorer, Firefox, Microsoft Outlook, Outlook Express, Windows Live Messenger, and Yahoo Messenger.

Download Insight determines that a downloaded file might be a risk based on evidence about the file's reputation. Download Insight is supported only for the clients that run on Windows computers.

You can enable or disable Download Insight and change how sensitive Download Insight is to potentially malicious files. You can also specify the additional criteria that Download Insight uses when it makes a decision about a file. Use these settings to help control the number of false positive detections.

You might want to customize Download Insight settings to decrease false positive detections on client computers. You can...

Be Safe, Be Secure

Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement.

Making a plan for what to do and what not to do, e.g., types of devices you need to secure and monitoring inbound avenues of threat infiltration and outbound avenues of confidential data exfiltration

Establishing detailed policies for what employees can and cannot do regarding webmail and social media access at work – taking into account employee morale as well as productivity

Deploying a multi-layered, multi-level defense that goes beyond traditional, separated defenses such as firewalls – which are largely ineffective against today's blended and targeted attacks

Symantec has released best practices/recommendation to protect data.

Security Response recommendations for Symantec Endpoint Protection settings

...