Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
Jeremy Henricks | 13 Nov 2014 | 6 comments

We need your help!  We would be grateful if you could give us about ten minutes of your time to help Symantec improve its knowledgebase content.

We know you want to get the right answers to your support questions, as quickly as possible. To do that, Symantec wants to provide you with online help articles that are easy to read and easy to use, and give you the information you need, when you want it. 

So that we can better understand your needs, we are asking for your feedback about two sample Symantec online help articles, each with two different versions. After you read the articles, please complete the short survey and share your opinions about the articles.  Thank you for your time—your responses will help us help you more effectively.

Test 1 – Push install Symantec Endpoint Protection 12.1 clients using Remote Push

Version A:

Brandon Noble | 19 Dec 2014 | 0 comments

Support is seeing an influx of calls on a spam attack with a Downloader.Upatre threat.

Because the threat is a downloader and the downloaded files have differing behaviors the following is general information on what we are seeing.

The threat generally:

  •          Arrives as in a .ZIP attachment
  •          Is initially a .SCR file, but will re-write itself as a .exe after execution
  •          Files names follow a similar naming convention
    •    document81723.scr
    •    payment_ref02812_pdf.scr
    •    fax8642174_pdf.exe
    •    document18731.scr
    •    payment-confirmed2763_pdf.scr
  •          Downloads additional threats and backdoors....
Rob Watton | 16 Dec 2014 | 0 comments

Verify is the UK government’s authentication scheme that is being developed to confirm the identity of online public service users via the GOV.UK portal. Existing provider Experian was the sole partner for GOV.UK private beta that ran from February to October 2014. This centred on the authentication of applicants for the new Common Agricultural Policy (CAP) Basic Payment Scheme, and came in for criticism from farmers due to the overly complex nature of the authentication process. However, a second provider (Dutch secure digital communication specialist Digidentity) has now been certified as an identity authentication provider for the scheme.

Full article available here

linda_park | 03 Dec 2014 | 0 comments

The Cloud Email Security Problem

Security, compliance and governance are key inhibitors to cloud email adoption in enterprises. When we talk with CISOs, it’s clear that no one is willing to lose visibility and control of confidential information like intellectual property and regulated data when they move to the cloud. And by giving up direct control over your email servers, it becomes increasingly difficult to ensure that well-meaning insiders and malicious actors won’t be able to leak or gain access to the valuable information stored on them.

The Symantec R&D team has been hard at work building a new enterprise-grade security solution to help you confidently move to cloud email without sacrificing visibility and control. Symantec Data Loss Prevention Cloud Prevent for Microsoft Office 365 seamlessly integrates the market-leading DLP technology with Exchange Online so you can proactively monitor and...

Symantec APJ | 24 Nov 2014 | 0 comments

Security analysts called 2013 the year of the mega breach, and severe vulnerabilities such as Heartbleed and Shellshock in 2014 showed that the security community can never rest on its laurels.

All indications are that 2015 will bring more of the same, with the struggle between those wishing to create new threats and exploit vulnerabilities and those looking to protect against them likely to intensify. Advancements in the Internet of Things also means consumers will have increased connectivity across their devices, gadgets and machines – and with this connectivity comes the potential for a whole new range of security risks.

Will the Internet of Things usher in a new wave of security attacks? As countries move towards their smart nation master plans, what role will Big Data play? What’s next in the mobile security space?

Symantec’s APJ security predictions for 2015 takes a look at issues that will affect individual consumers, businesses and governments in...

ryanschoenherr | 24 Nov 2014 | 0 comments

Novacoast is a Syamntec Platinum Partner and has partnered with MetriX Dashboards who have developed their our own unique real time dashboard solution. MetriX gives users the power to quickly and easily aggregate real-time data from any number of data sources into a single, consolidated view.

MetriX provides those within security with an unprecedented view into the organization’s security posture, while providing you with real-time notifications when thresholds or service levels are not being met. This ensures that IT can respond quickly to threats, thereby reducing risk associated with lack of timely visibility.

I thought this may be of intrest and wanted to share a screen shot of a few dashboards.

For additional information feel free to shoot me a note at or visit


Steve C Blair | 24 Nov 2014 | 0 comments

On behalf of all of us in Product Management and Engineering I would like to thank you for your willingness to be part of the DCS 6.5 Beta. For all of you who also filled in our survey, your anonymous responses were very helpful so we can better understand your needs, environment and the use-cases you want to investigate with our new product.

Updates since last Blog

Over late October and November, a lot of work has been going on with our Engineering teams who are busily preparing for the December Beta drop.  We have had a number of pre-Beta trials running inside the company, defect reviews and have a high confidence you will be impressed with our new UI, product features and flexibility to better secure your workloads in your data center.

You may recall in the previous Beta announcement we said we were investigating doing Hands-On Labs to give customers an opportunity to test without having to setup your own environment. Unfortunately this...

Avkash K | 20 Nov 2014 | 0 comments

Some bad news for Android users, A security weakness in Android mobile operating system versions below 5.0 has been noticed. It puts potentially every Android device at risk for privilege escalation attacks. It has been patched in Android 5.0 Lollipop – the latest version of the mobile operating system.

This vulnerability has been discovered by a security researcher named Jann Horn. 
This could allow any potential attacker to bypass the Address Space Layout Randomization (ASLR) defense and execute arbitrary code of their choice on a target device under certain circumstances. ASLR is a technique involved in protection from buffer overflow attacks.
The flaw resides in, which fails to check whether an Object that is being deserialized is actually a serializable object. The vulnerability was reported by the researcher to Google security team earlier this year.

Jann confirms ""When ObjectInputStream is used on untrusted inputs,...

Matt Cooke | 12 Nov 2014 | 0 comments

Symantec are building a new security client designed specifically for embedded systems.  We’ve taken the code base of our Critical System Protection client edition re-architected, feature enhanced and optimized it to run on embedded systems such as those used in industrial control systems, automotive, point of sale, healthcare and beyond.

We are inviting you to take part in our Symantec Embedded Security: Critical System Protection beta program beginning early December 2014. By participating in the beta program, you will be able to experience first hand the benefits of our new Internet of Things (IoT) product offering.

Key features in Symantec Embedded Security: Critical System Protection

Securing IoT devices: Symantec Embedded Security: Critical System Protection provides a signature-less policy-based approach to security for your terminals or embedded devices. Symantec Embedded Security: Critical System Protection...

Kari Ann | 05 Nov 2014 | 5 comments

Today, Symantec released a new security advisory impacting older versions of the Symantec Endpoint Protection Manager (SEPM). Product engineering teams have worked closely with SEC Consult Vulnerability Lab and @virtualminds_es to verify the vulnerabilities. The latest release, SEPM 12.1.5, is available on FileConnect and contains updates that prevent the issues and should be installed to prevent infection.

The issues affect XML External Entity Injection, reflected cross-site scripting and the potential for arbitrary file write/overwrite. The vulnerabilities are considered medium to high severity. With normal SEPM installation the affected port(s) should not be accessible without gaining initial access to the network. Successful exploitation of these vulnerabilities could result in unauthorized user-level access to the SEPM, elevated or application-level access on a server, or...