Video Screencast Help

Security Community Blog

Showing posts in English
Bryan S | 24 Jan 2014 | 1 comment

After a virus/malware outbreak, SEP is corrupt. Re installation results in either a rollback or a failed installation of SEP. A message will show in SEPM that the installation failed and that the Baseline Filtering Engine could not start. When you go to SEPM you will see the PC in question in Yellow and red.

Brandon Noble | 23 Jan 2014 | 2 comments

Recently we have seen a re-emergence of polymorphic file infectors, AKA viruses.

Threats like W32.Sality and W32.Xpiro are using some old-school tactics to infect good files and spread through networks. As the former captain of my high school analogy team, I’m writing this informal blog to help de-mystify some of the difficulties around dealing with these kinds of threats.

If we think of our normal run-of-the-mill Trojans and worms like a specific kind of fruit, it helps a little bit. Let’s say we need to create detection for an apple…That’s pretty simple right? We look for common traits that the apple has with other apples of the same kind. Something like this:
IF fruit AND red skin AND white flesh AND black seeds>detect W32.Apple!red
So now we can detect Galas,...

Philip Routley | 22 Jan 2014 | 0 comments

You need to think global in the 21st century. But sometimes it’s vital to keep a local perspective too. Take internet security. Many threats have a worldwide character but, in every country, consumers and businesses also face specific dangers every time they go online with their laptops, tablets, smartphones or desktops.

riva11 | 21 Jan 2014 | 0 comments

SplashData has compiled a list of the 25 worst passwords of 2013.  This list is from files containing stolen passwords posted online during the previous year.

This year's list is heavily influenced by the large number of Adobe user passwords posted online following the company's 2013 security breach.

 

"Seeing passwords like 'adobe123' and 'photoshop' on this list offers a good reminder not to base your password on the name of the website or application you are accessing," says Morgan Slain, CEO of SplashData.

SplashData's list of frequently used passwords shows that many people continue to put themselves at risk by using weak, easily guessable passwords. Some other passwords in the Top Ten include "qwerty," "abc123," "111111," and "iloveyou."

"Another interesting aspect of this year's list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies," Slain...

Jeannie Warner | 20 Jan 2014 | 0 comments

Are you passionate about security? Love solving difficult problems? Want to work with a wide variety of technologies and platforms? Come work with Symantec! Security Analysts in Symantec's Managed Security Services work on a world class team to identify threats within client environments, in order to keep clients secure. This includes real time review of security incidents, analysis of logs and alerts, and escalation to the client for severe incidents.

The full job description is below:

Responsibilities

•             Monitoring and analyzing logs and alerts from a variety of different technologies (IDS/IPS, Firewall, Proxies, Anti-Virus, etc…), across multiple platforms.

•             Assessing the security impact of security alerts and traffic anomalies on customer networks.

•     ...

Jesper_Mathiasson | 17 Jan 2014 | 0 comments
There are too many service requests that are handled manually and spread across multiple systems, which are repeatable and are using several approval steps. That makes the service delivery both time consuming and cost inefficient. 
 
Zitac SEP Process Automation creates the right possibilities to make the SEP administration more efficient and increase the end user experience without affecting security. Zitac has today created a number of predefined automated processes that easily can be integrated in your environment with focus on:
 
  • Secure delegation of the SEP administration based on user or group specific needs
    - Firewall policies
    - Situation based policies. For example to allow USB connected storage devices
  • Manage Virus outbreaks by predefined automated processes
    - SMS alerts
     
  • SEP Group administration
    - In...
Symantec Corp. | 16 Jan 2014 | 3 comments

Gartner Inc. has once again positioned Symantec as a Leader in the Magic Quadrant for Endpoint Protection Platforms (EPP) – a position Symantec has held for a 12-year span.¹ We believe this leadership position in the 2014 Magic Quadrant report, published January 8th, 2014, and Symantec’s recent positive vendor rating by Gartner² are indications of a strong product offering that performs well in detection, protection and performance.

According to the new Magic Quadrant report, which positions vendors based on their ability to execute and completeness of vision, “protection from common malware, as well as more advanced persistent threats, is the top critical consideration for EPP buyers.” The report further states that the rise of targeted attacks is “shredding what is left of the anti-malware markets stubborn insistence in reactive protection techniques,” and highlights the need for EPP solutions to...

smartblogger | 16 Jan 2014 | 0 comments

An SSL certificate is the internet’s symbol for security on a website. It means that the internet user is protected for all the data that they provide on that website.

SebastianZ | 15 Jan 2014 | 2 comments

Microsoft Security Bulletin

On Tuesday the 14th of January Microsoft released the monthly Security Bulletin Summary for January 2014. The summary includes 4 Security Bulletins that cover altogether 6 CVEs - all are classified as important:

 

  • MS14-001    Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)

Vulnerability impact: Remote Code Execution
Word Memory Corruption Vulnerability    CVE-2014-0258
Word Memory Corruption Vulnerability    CVE-2014-0259
Word Memory Corruption Vulnerability    CVE-2014-0260

  • MS14-002    Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)

Vulnerability impact: Elevation of Privilege
Kernel NDProxy...

SebastianZ | 10 Jan 2014 | 0 comments

January 9, 2014 - Symantec has posted SYM14-001 Security Advisories relating to Symantec Products - Symantec Endpoint Protection Privilege Assumption, Policy Bypass, Local Elevation of Privilege. This is medium severity vulnerability. Detailed information about the vulnerabilities and what SEP builds are affected can be found at:

http://www.symantec.com/security_response/security...