Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
Mithun Sanghavi | 23 Dec 2013 | 0 comments
Release Updates (RUx) typically contain a significant number of fixes and may include feature-work or enhancements.  The current Release Update is considered the latest release of the product and is the appropriate version for most customers performing a new install or upgrading from an earlier release or build of the product.
 
Maintenance Patches (RUx MPx) contain a small number of fixes for specific customer issues and are based on a specific RU.  MPs can only be applied against the specific Release Update upon which they are based, e.g., RU6 MP1 can only be applied against RU6.  Maintenance Patches are appropriate for customers experiencing an issue that is resolved in the Maintenance Patch.

RTM - Release To Manufacturing

MR - Maintenance Release (Now replaced by the term "RU")

RU - Release Update...

Teresa Law | 19 Dec 2013 | 0 comments

Symantec is excited to be a Leader in the Gartner Magic Quadrant for Data Loss Prevention for the eighth* consecutive year!  In the latest report, Gartner evaluates DLP solutions and provides valuable insights into DLP vendors and market trends:

  • The DLP market is estimated to reach between $680 million and $710 million in 2013, and grow an additional 22% to 25% by the end of 2014, to reach approximately $830 million.
  • DLP deployments are seen more and more as business tools that need to be operated and managed by the business units themselves.
  • Malicious insider and well-intentioned insider threat detection is increasing in terms of [Gartner] client requests for DLP; as is better integration with business context awareness

....

Philip Routley | 15 Dec 2013 | 0 comments

Time to Get Serious about Endpoint Security

 

Time. Whatever business you’re in, there’s just never enough of it. That’s why today’s host of computing devices are so invaluable to small businesses where agility, flexibility, fast turn-round times and lightning-quick responses are vital to success and survival.

Home, hotel, café, client site – with laptops, tablets and other mobile technologies now complementing the ‘traditional’ desktop, anywhere is good if you need to get busy, get an answer, get creative or simply get in touch.

But the many benefits of the endpoint explosion come with a health warning. And that’s because endpoint security poses a potential minefield that every small business needs to detect and defuse effectively.

 

ENDLESS ENDPOINTS – WHAT YOU NEED TO KNOW

Any endpoint used by any employee is a possible weak spot in your network – a potential route in for malware, a...

Symantec Corp. | 04 Dec 2013 | 0 comments

by Vivian Tero, Data Center Security & Compliance, Information Security Group, Symantec Corp.

Today, the notion of “supply chain” has gone beyond the traditional physical flow of goods and services to include the flow of data across the business ecosystem.   In the digital supply chain, data is the valuable asset that must be protected, shared securely, managed and archived according to corporate, regulatory and legal mandates.   In this world of highly digitized services, businesses increasingly realize that one may outsource activities to a third party but they are still held accountable, not only for their own activities, but also for their suppliers and business partners.  In regulated industries, a third- or fourth-party vendors’ lack of accountability to regulators may leave a business exposed to civil and even criminal penalties.   As the threat landscape continues to evolve, the onus is, therefore, on...

captain jack sparrow | 03 Dec 2013 | 0 comments

can transmit information between computers using high-frequency sound waves inaudible to the human ear. The duo successfully sent passwords and more between non-networked Lenovo T400 laptops via the notebooks’ built-in microphones and speakers. Freaky-deaky!
The infected victim sends all recorded keystrokes to the covert acoustical mesh network. Infected drones forward the keystroke information inside the covert network till the attacker is reached.

ref:
http://www.pcworld.com/article/2068525/researchers...

DomSYMC | 02 Dec 2013 | 3 comments

In our constant endeavor to provide a better experience for our customers, we are in the process of updating our Certificate Revocation List (CRL) and Online Certificate Status Protocol (OCSP) infrastructure.

The upgrade for CRL lists has been transitioned and implemented on May 06, 2013. With the OCSP list undergoing an upgrade by January 13, 2014.

Here’s how you’ll benefit

  • Faster response time – CRL/OCSP requests will be served from the closest location to the user with dramatically improved average response times.
  • 100+ additional new sites – more sites handling CRL/OCSP requests mean improved availability and reliability all over the globe.

More information and best practices for updating any firewall policies and/or access control devices for this transition for both CRL and OCSP lists can be found referencing our knowledge base articles below.

...

InsentraCameronM | 30 Nov 2013 | 0 comments

Symantec Encryption Desktop (SED) is a PGP client that runs on Windows. SED is a single client that has many functions including:

  • Key management
  • PGP Zip
    • File encryption using keys or passwords
    • Create self-extracting archive files for people who do not use SED
  • PGP Shredder
  • PGP Messaging
    • Email encryption
    • IM encryption
  • File Share Encryption
    • Automatic/seamless encryption of all files in a Windows file share
  • PGP Disk
    • Full disk encryption
    • Partition encryption

Note: SED is compatible with GPG.

In the enterprise you will normally install Symantec Encryption Desktop with a license. However, you can install SED without a license and use it to encrypt, decrypt and sign files as well as use PGP Shredder to securely erase files.

Using SED without a license is a good way to learn about encryption...

Philip Routley | 24 Nov 2013 | 0 comments

“What’s the worst that could happen?” It’s one of those hackneyed phrases we’ve all grown tired of. But for small businesses, when it comes to cyber-crime and the threat it poses to commercial success and maybe even survival, this is exactly the sort of question you seriously need to ask yourself.

Small businesses are increasingly the prey of choice for clever, callous, determined cyber-criminals worldwide, with a rising tide of firms paying a crippling price for not putting effective defences in place. Take the firm that had key financial data locked by a ‘ransomware’ attack and caved in to a demand for $3000 to release it – a hefty bill no doubt compounded by the cost of business downtime, system clean-up, damaged reputation and the sheer trauma of this sorry saga. Or take the...

dougbowers | 18 Nov 2013 | 0 comments

Most people today rely on email as their method for business communication – sending and receiving hundreds of emails every day. This dependence on email can create a weak link in securing corporate information and expose a company to attacks. While hackers still use general spam emails and social engineering (or phishing) attacks against organizations, they are now increasingly pursuing sophisticated and targeted attacks that are far more difficult to differentiate from the emails we typically receive. In fact, Symantec’s 2013 Internet Security Threat Report found a 42 percent increase in targeted attacks in 2012.  

Most spam emails are relatively easy to identify and quarantine, but targeted attacks are customized for their recipients, making them harder to spot. For example, a company’s HR department could receive an email that requests that they click on a...

megamanVI | 07 Nov 2013 | 3 comments

Cryptolocker (http://en.wikipedia.org/wiki/CryptoLocker) is a new malware that surfaced recently. It is wreaking havoc on Windows file shares and locking people out of their files. The malware encrypts commonly used documents and prevents the user from accessing them. The malware will then attempt to extract payment from you to unlock your files. Arstechnica has a great writeup on this (http://arstechnica.com/security/2013/10/youre-infe...).

 

Some tips on dealing with this malware:

  1. Ensure your virus protection is up to date
  2. Restrict workstation permissions so that the general users have limited access rights...