Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts in English
Featured: LiveUpdate Administrator (LUA) version 2.3.2 is now available
Mithun Sanghavi | 01 Nov 2012 | 3 comments

 

The Latest version of LiveUpdate Administrator (LUA) version 2.3.2 is now available.

Contact Symantec Technical Support to grab the Latest Copy of LiveUpdate Administrator (LUA) version 2.3.2

The installation file (147.35 MB) and will later be included on the SEP 12.1 RU2 DVD’s (SEP 12.1 RU2 is yet to be released)

Some of the features included in this release

  • Packaged with Apache Tomcat version 7.0.26 and PostgreSQL version 9.1.3.
  • Packaged with JRE 1.7 (private JRE, automatically bundled, installed and configured by the LUA installer).
  • Enhanced security with advanced features to protect the User Interface from certain attacks.
  • Added the ability to modify the LUA download directory path at any time (not just at install time).
  • Product Catalog will now automatically update to ensure catalog changes become available without any user...
Read more
Featured: New Trojan.Shylock wave
Brandon Noble | 28 Aug 2012 | 0 comments

We have been seeing a recent wave of Trojan.Shylock variants with a lot of additional functionality than the older versions we have been used to.

Initially, many of these variants are detected generically as Backdoor.Trojan or Trojan Horse, but our new Shylock heuristic signatures (Trojan.Shylock!gen6 and Trojan.Shylock!gen7) should be changing this to a more accurate naming convention, and should be picking up a much wider spread of these threats.

Additionally we are hearing about some behavior that we have not been able to reproduce. Reports are saying that legitimate documents are getting hidden and then shortcuts with the same name of the document are being added in their place. These shortcuts actually launch a thumbs.db(x) file which is the Shylock Trojan, and they are meant to trick the user into running the threat. This is common behavior of for threats, as noted in this blog article from May 2012,...

Read more
Are you Protected Amidst the Modern-Day Threat Landscape?
Swathi Turlapaty | 20 May 2013 | 0 comments

The cyber threat landscape is evolving by the second. And according to Symantec's Internet Security Threat Report (ISTR) 2013, a variety of trends are underscoring the importance of having a layered approach to security.

For most, this begins and ends with the installation of a basic antivirus protection program. However, this approach is no longer effective as cyber criminals are shifting gears from single, high-profile attacks to finely-targeted assaults using little-known malware mutations. A lone antivirus protection program is simply obsolete with the immense complexities of the modern-day threat landscape. The only way to successfully thwart these viral security breaches is with a layered approach to security—one that only Symantec Endpoint Protection 12.1 can offer. Symantec’s multi-layered approach is a mix of intelligence-based technologies that scour files, the Web, and your network to ensure that malicious malware hasn’t intruded. With five...

Read more
NTLM Vs DCI (A Comparison of Symantec Web Gateway Features)
OmerCh | 18 May 2013 | 0 comments

 

Background

Symantec Web Gateway is state of the art proxy and web filtering solution for corporate local area networks. It has the capability to authenticate end users and provide them secure web browsing experience as per organization’s policies and requirements.

SWG can use one of the 2 authentication mechanisms available in it named

-          Domain Controller Interface (DCI)

-          NTML Authentication

SWG can only use one of these methods at a time.

 

Comparison of NTLM authentication and DC Interface Mechanisms

NTLM and DC Interface provide different kinds of authentication mechanisms and have difference in functionality as well.

DC Interface

DCI works by integrating with domain controllers in an organization. In order to do so we need to install a small piece of software on domain...

Read more
AV engine update - May 21st 2013
pete_4u2002 | 17 May 2013 | 0 comments

Reference: http://www.symantec.com/business/support/index?page=content&id=TECH205767

Symantec will post update to the AV Engine in Multiple Daily Virus Definitions on Tuesday May 21st 2013.

Beginning with the Virus Definitions that include the update AV Engine version 20131.1, additional files will be added. That update is expected to post in MDD1 on Wednesday May 21st.

Symantec Endpoint Protection 12.1+ and Norton AntiVirus/Norton Internet Security 2011+ customers will see 4 new index files.  Symantec Endpoint Protection 11+ and Norton AntiVirus/Norton Internet Security 2007+ products will see 8 additional index files.

As a result of the additional files, the size of each dated definition folder will increase. Note the size increase noted below will be the size that is added to the dated definition folders as they exist...

Read more
Running SERT on older Pentium 4 systems
Wally | 14 May 2013 | 1 comment

Hello all - I just want to share this information with you.  It worked for me, but no guarantees...

We have a couple of older P4 systems (XP SP3 32-bit) with the Intel 865PE chipset and ICH5 controller.   We couldn't boot from the SERT CD on these systems - got a boot error 5 - probably has something to do with the older chipset and WinPE.

So, here's what we did to boot from a USB memory stick

First follow the instructions in TECH131578 -

http://www.symantec.com/business/support/index?page=content&id=TECH131578&profileURL=https%3A%2F%2Fsymaccount-profile.symantec.com%2FSSO%2Findex.jsp%3FssoID%3D1367256265628krhzFurGC64N88iGa5T5a6LD1sSGJF28647W0

with the following exception in Step 6....

Read more
Threat Landscape Evolves, Attacks More SMBs in 2012
Swathi Turlapaty | 13 May 2013 | 0 comments

Over the last year, the threat landscape has radically changed as cyber criminals diligently find new ways to attack encrypted data through various channels.  The annual Symantec Internet Security Threat Report (ISTR) revealed that Web-based attacks increased 30% in 2012. Surprisingly though, is that a majority of those attacks targeted small business with less than 2,500 employees, proving that no matter what size your business is, it’s vulnerable to potential attacks. Other results from the ISTR indicated a rise in targeted attacks, sub-standard website security increases risk, mobile malware is a growing concern, and that new tactics, like ransomware, will continue to evolve. To read more about the ISTR findings and learn how to better protect your small business from malicious attacks, follow this link: http://bit.ly/14QmmJ6     

Read more
SSIM centralized event monitoring and unbeatable part of ISMS
Milan_T | 09 May 2013 | 0 comments

IT is tagged as a burden on business with huge annual expenses.

On the other hand businesses today face a considerable challenge to deliver ever-improving service levels to meet and exceed the expectations of their business users for service quality, availability, and security while optimizing resources and operations costs to manage and maintain the IT infrastructure. Monitoring and managing these increasingly complex infrastructures is a growing problem.

IT professional’s main challenge is to secure the increasingly time-intensive task of infrastructure and device management, increasing the overall availability of network resources to support broader use of converged technologies.

About ISMS:

Information Security Management System (ISMS) can foster efficient security cost management, compliance with laws and regulations, and a comfortable level of interoperability due to a common set of guidelines...

Read more
Cyber Security Trends and Threats
tiffany_jones | 03 May 2013 | 0 comments

Recently, I had the opportunity to speak to an esteemed group of people at the Fordham Law Center on National Security.  My topic revolved around the latest Cyber Security Trends and Threats, relying on stats from Symantec's latest Internet Security Threat Report (just released last month).  The link to the report is here: http://www.symantec.com/security_response/publications/threatreport.jsp

Areas of discussion included the rise in highly targeted attacks, increased threat to small businesses, ransom ware, and the Elderwood Project. Attendees ranged from venture capitalists, law firm partners, law enforcement officials, business consultants, policy analysts, among others.  This was a great opportunity to raise awareness about the importance of cybersecurity and stress the importance of "shared responsibility".  We each have a role to play...

Read more
The importance of security certifications
Philip Routley | 02 May 2013 | 0 comments

Outsourcing your company’s security demands a supplier that is big enough, resilient enough and secure enough to do the job properly. This is why Symantec.cloud invests so heavily in its infrastructure. Our global footprint includes 18 data centres across four continents, two network operating centres and thousands of servers handling email, Web, and instant messaging traffic.

We apply the highest standards to our data centres because our customers demand the highest levels of confidentiality, data integrity and reliability. Certifications like ISO 27001 and audit report standards like SSAE 16 are vital external instruments to demonstrate the quality and security of our cloud services. 

This post will provide an overview of the various certifications and why they are important

What is ISO 27001?

ISO 27001 is a security management standard to guide the development and implementation of an Information Security Management...

Read more