Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
SebastianZ | 17 Jul 2014 | 0 comments

Following Security Bulletins have been released in July 2014:

 

Microsoft

Microsoft Security Bulletin Summary for July 2014

https://technet.microsoft.com/library/security/ms14-jul

Symantec product detections for Microsoft monthly Security Advisories - July 2014

http://www.symantec.com/docs/TECH146537

 

MS14-037

Cumulative Security Update for Internet Explorer (2975687)

Critical 

Remote Code Execution

MS14-038

Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689)

...
InsentraCameronM | 14 Jul 2014 | 0 comments

Because of its non-centralised nature, PGP key management can be challenging. This is especially true when you are managing your own PGP keys.

Follow the steps below to get up and running quickly with PGP encryption.

Note: The steps below apply to all PGP/GPG clients.

Personal PGP Key Management

  1. Install a PGP client such as Symantec Encryption Desktop
  2. Create/generate a PGP private key
    1. Ensure that you use a strong pasword
    2. Set an expiry date
    3. Set an appropriate key strength
    4. Create a revocation certificate
  3. Create a PGP public key
    1. Export your public key using the following format for the filename: Firstname Lastname firstname.lastname@domain.com (0xFFFFFFFF) pub.asc
      1. Replace (0xFFFFFFFF) with you PGP public key's fingerprint/key id
  4. Distribute your PGP public...
SebastianZ | 14 Jul 2014 | 1 comment

The newest version of LiveUpdate Administrator (LUA) - 2.3.3 has been released.

The version can be downloaded from here: http://www.symantec.com/docs/TECH134809

 

What's new in LiveUpdate Administrator 2.3.3

  • System requirements:

You can upgrade from 2.2.2.9 through 2.3.2 to 2.3.3.LiveUpdate is packaged with Apache Tomcat version 7.0.54 and PostgreSQL version 9.3.1. See “System requirements for LiveUpdate Administrator” on page 6.

  • Installation changes

When you install LiveUpdate Administrator, the installation folder, temporary folder, and download folder cannot be empty. Also, the root drive (such as C:\ or D:\) must use a subfolder that does not contain other files. The subfolder should use a local path, as network paths are not allowed.

...
robertckl | 09 Jul 2014 | 0 comments

Today SSL is an integral part of online businesses and any secured communication. It is however not an area that many system administrators or security experts are comfortable with. For most administrators the correct installation of the private key and its corresponding certificate is sufficient. As long as the green bar, the padlock, or https:// can be seen during the SSL/TLS negotiation, both the administrators and their clients trust that the connectivity is secure.

 

However many security flaws and vulnerabilities have been discovered in the recent years. From the server side there is the infamous Heartbleed bug or CCS injection - CVE-2014-0224, side-channel attacks such as Beast, Lucky 13, Crime or BREACH, and others (SSL Attack Survey).  It is not sufficient to just have a correct installation of the private key and certificate pair on the server...

ryanschoenherr | 08 Jul 2014 | 0 comments

Need complete visibility into your environment?  Do you find yourself reactive to breaches or always behind intrusions?  MetriX dashboards can provide complete visibility into your security environment and give you the power to be proactive!

 

Check out MetriXdashboards for more information and ways to utilize MetriX to increase your efficiency.

 

EP dashboard.png

DLP dashboard.png

 

For more information or to schedule a demo please contact:

Ryan Schoenherr

810-877-1743

...

Sym_Chris | 25 Jun 2014 | 0 comments

Here in Symantec.cloud support, we speak to a lot of customers. We handle over 18 thousand client communications a month, via telephone, email, and online chat. It’s no wonder then, that we spend a lot of time looking at all our support data to ensure we do the right thing for you, the client.

One of the things we’ve found is that 1 in 4 support cases are not technical issues, but informational ones. Symantec.cloud put the technical folk right on the end of the phone to give you the best possible help and support. With that in mind, you may sometimes find it more convenient to use some of our other resources;

Online Help:

https://help.symanteccloud.com/Symhelp/Home.aspx/Default

Online Help has been created with set up and configuration in mind. If you are a new administrator or just need a reminder of how things work, there is no better place to learn how to get the...

Stephen Heider | 21 Jun 2014 | 0 comments

The following important changes are being made to the Symantec Data Loss Prevention (DLP) and Data Insight (DI) Knowledgebase.

The content for both products is moving to a new location, to the same Technical Support Knowledge Base for other Symantec products.

Please note:

linda_park | 17 Jun 2014 | 2 comments

Organizations are spending more on security and believe they’re adequately protected, yet data breaches continue to impact consumers, businesses and governments – the number of breaches jumped 62 percent in 2013. Overworked and understaffed, security teams are stitching together “good enough” security point products that weren’t designed to work together. Not only does this make you more vulnerable to breaches, but it also increases operational complexity.

Symantec Data Loss Prevention 12.5 introduces new features that give you greater control over your confidential data and simplify the management of DLP including:

  1. NEW! Single Server Installation support enables you to deploy the DLP detection servers, Enforce Platform, and Oracle database on a single physical server for branch offices or small organizations (1,000 users or less), and lowers hardware and maintenance costs.
  2. NEW! Self-Service Remediation...
srolleycsc | 13 Jun 2014 | 0 comments

Ive just come off 'Gigya's' latest Webinar about the power of social login for marketing.  You know, when you go to a website and your asked to create an account but you also have the option to simply join by using your facebook account.  Well there is a big problem with this and its not going to be long before hackers are all over it.  People dont realise that when they hit the 'login with facebook' account of whats actually happening and even for a professional its difficult to determine.

 

The issue is that the social login window is often sized very small and is not sizeable and you cant see the address its pointing at, so it might offer a fake one first, collect your login and password, say there was an error and ask you to try again, then offer you the real one and let you in so you dont think youve been conned.  People do this dozens of times per week and just trust that the little box is really connecting to facebook.  Invariably...

jjesse | 12 Jun 2014 | 0 comments

Symantec Data Insight (DI) can help customers who struggle with identifying data users and owners for their unstructured data.  DI helps a customer answer the following questions:

  1. Who owns the data?
  2. Who is responsible for remediation of that data?
  3. Who has seen the data?
  4. Who has access to the data?
  5. What data is most at-risk?

 

 

So what's new in Data Insight 4.5?  Here are 4.5 (get it?) awesome things about this release:

 

  1. Self-service portal to make remediation easier:  A portal that allows data owners and/or custodians of data to be able to remediate items directly potentially without the need for IT Security.  Actions can come from either the Data Loss Prevention (DLP) Portal or from Data Insight Management Server depending on the workflow.  

            A customer can create...