Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
The Conquistador | 24 Jan 2014 | 1 comment

Here is how I corrected this

Baseline Filtering Engine service issue.

Good day everyone, here are the steps that worked for me with the BFE issue.

Error Code 0x80070424 with Windows Firewall and "Base Filtering Engine Service" Not available in services database list.



13,009 Points 10 3 3

Recent Achievements

Ratings Board President Blog Party Starter New Wiki Editor

View Profile

26 Dec 2011 11:44 PM

  • Comments 261
  • Likes
  • ...
Brandon Noble | 23 Jan 2014 | 2 comments

Recently we have seen a re-emergence of polymorphic file infectors, AKA viruses.

Threats like W32.Sality and W32.Xpiro are using some old-school tactics to infect good files and spread through networks. As the former captain of my high school analogy team, I’m writing this informal blog to help de-mystify some of the difficulties around dealing with these kinds of threats.

If we think of our normal run-of-the-mill Trojans and worms like a specific kind of fruit, it helps a little bit. Let’s say we need to create detection for an apple…That’s pretty simple right? We look for common traits that the apple has with other apples of the same kind. Something like this:
IF fruit AND red skin AND white flesh AND black seeds>detect W32.Apple!red
So now we can detect Galas,...

Philip Routley | 22 Jan 2014 | 0 comments

You need to think global in the 21st century. But sometimes it’s vital to keep a local perspective too. Take internet security. Many threats have a worldwide character but, in every country, consumers and businesses also face specific dangers every time they go online with their laptops, tablets, smartphones or desktops.

And it’s the threats that have been carefully crafted to exploit local trends and behaviours that are often the most plausible and destructive – and most likely to leave you counting the cost in terms of financial loss, stolen data, identity theft, disruption and inconvenience.

Korea is a prime example of what this means in practice. It’s a magnet for cybercriminals based both inside and outside the country, attracted by Korea’s affluence and its well-earned reputation as one of the world’s leading ‘online nations’. In this, the first country to reach 100% WiFi penetration, where 30 million people own smartphones and over 90% of homes have high-speed...

riva11 | 21 Jan 2014 | 0 comments

SplashData has compiled a list of the 25 worst passwords of 2013.  This list is from files containing stolen passwords posted online during the previous year.

This year's list is heavily influenced by the large number of Adobe user passwords posted online following the company's 2013 security breach.

"Seeing passwords like 'adobe123' and 'photoshop' on this list offers a good reminder not to base your password on the name of the website or application you are accessing," says Morgan Slain, CEO of SplashData.

SplashData's list of frequently used passwords shows that many people continue to put themselves at risk by using weak, easily guessable passwords. Some other passwords in the Top Ten include "qwerty," "abc123," "111111," and "iloveyou."

"Another interesting aspect of this year's list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies," Slain said. For example...

DomSYMC | 20 Jan 2014 | 0 comments

The Vulnerability Assessment (VA) scan is a service that each week performs a scan searching for common entry points for the domain you enrolled in for with a purchase of certain SSL certificates. 

If the scan finds any potential weakness within that domain that if breached could threaten your online security, an e-mail will be sent out informing the technical contact to pick up the results of the scan in a downloadable PDF report highlighting the most critical vulnerabilities if any are found.

The Vulnerability Assessment scan is a service that is available for following account types and products:

VA scan products.JPG

You may have lots of questions or may want to know more regarding the technicalities of the Vulnerability Assessment scan. Such as..

  • What IP address does it scan from?
  • What types of Vulnerability’s does the scan detect...
Jeannie Warner | 20 Jan 2014 | 0 comments

Are you passionate about security? Love solving difficult problems? Want to work with a wide variety of technologies and platforms? Come work with Symantec! Security Analysts in Symantec's Managed Security Services work on a world class team to identify threats within client environments, in order to keep clients secure. This includes real time review of security incidents, analysis of logs and alerts, and escalation to the client for severe incidents.

The full job description is below:


•             Monitoring and analyzing logs and alerts from a variety of different technologies (IDS/IPS, Firewall, Proxies, Anti-Virus, etc…), across multiple platforms.

•             Assessing the security impact of security alerts and traffic anomalies on customer networks.

•     ...

Jesper_Mathiasson | 17 Jan 2014 | 0 comments
There are too many service requests that are handled manually and spread across multiple systems, which are repeatable and are using several approval steps. That makes the service delivery both time consuming and cost inefficient. 
Zitac SEP Process Automation creates the right possibilities to make the SEP administration more efficient and increase the end user experience without affecting security. Zitac has today created a number of predefined automated processes that easily can be integrated in your environment with focus on:
  • Secure delegation of the SEP administration based on user or group specific needs
    - Firewall policies
    - Situation based policies. For example to allow USB connected storage devices
  • Manage Virus outbreaks by predefined automated processes
    - SMS alerts
  • SEP Group administration
    - In...
Symantec Corp. | 16 Jan 2014 | 3 comments

Gartner Inc. has once again positioned Symantec as a Leader in the Magic Quadrant for Endpoint Protection Platforms (EPP) – a position Symantec has held for a 12-year span.¹ We believe this leadership position in the 2014 Magic Quadrant report, published January 8th, 2014, and Symantec’s recent positive vendor rating by Gartner² are indications of a strong product offering that performs well in detection, protection and performance.

According to the new Magic Quadrant report, which positions vendors based on their ability to execute and completeness of vision, “protection from common malware, as well as more advanced persistent threats, is the top critical consideration for EPP buyers.” The report further states that the rise of targeted attacks is “shredding what is left of the anti-malware markets stubborn insistence in reactive protection techniques,” and highlights the need for EPP solutions to...

smartblogger | 16 Jan 2014 | 0 comments

Many people visit websites and see some form of notification that signifies that the website that they are accessing has an SSL certificate. This can be represented as an encircled tick mark, which is representative of a particular company providing internet security, or it can be in some other form. Very few internet users will stop for a minute to try and understand the importance of this form of certification on the websites that they visit. They do not realize that it is to their own detriment as they end up being victims of fraud on the internet.

An SSL certificate is the internet’s symbol for security on a website. It means that the internet user is protected for all the data that they provide on that website. It signifies that data sent between the website and the user is protected and cannot be accessed by a third party. This is not only useful for protecting the privacy on the internet but is also essential for any transactions that involve sensitive data. Users...

SebastianZ | 15 Jan 2014 | 2 comments

Microsoft Security Bulletin

On Tuesday the 14th of January Microsoft released the monthly Security Bulletin Summary for January 2014. The summary includes 4 Security Bulletins that cover altogether 6 CVEs - all are classified as important:

  • MS14-001    Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)

Vulnerability impact: Remote Code Execution
Word Memory Corruption Vulnerability    CVE-2014-0258
Word Memory Corruption Vulnerability    CVE-2014-0259
Word Memory Corruption Vulnerability    CVE-2014-0260

  • MS14-002    Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)

Vulnerability impact: Elevation of Privilege
Kernel NDProxy Vulnerability - CVE-2013-...