Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
James L | 19 Mar 2014 | 0 comments

Internet security never looked the same after Netscape Communications created the SSL certificate in 1994. Looking at the Internet’s growing popularity then, it was easy to see it becoming a dangerous medium in not-so-distant future. Developers at Netscape took the cue and started putting in the effort to utilize strong encryption algorithms in the forming of an SSL certificate, to make sure the important data stored on the web is only seen by the intended parties. Thanks to their earnest efforts; today, Secure Socket Layer (SSL) certificates have become an integral element of website security, especially in case of e-commerce and banking websites.

SSL certificates are issued by Certificate Authorities (CAs), who manage security credentials and public keys for the actual message encryption. As Internet users became more aware of Cyber Security, SSL certificates became the most sought after solution to fight cyber crime. And it still is today, when it comes to safely...

The Conquistador | 14 Mar 2014 | 8 comments

Checklist for scanning suspicious files
1.    Disconnect any drive mappings and check to see if the PC has any shared folders
2.    Stop the shares if they are present, they can be reestablished if necessary after cleanup
3.    Take the PC OFF the network
4.    Check disk space, lack of disk space can cause multiple issues
5.    Check to see if any users have local admin rights, if they do, remove them
6.    Check the “Run” Key in the registry for any suspicious entries (Check on HKEY_LOCAL_MACHINE AND     HKEY_CURRENT_USER
    Delete any suspicious entries from
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
7.    Check for old windows user profiles, check with...

Steve C Blair | 13 Mar 2014 | 0 comments

Hi all,

The DCS Data Store Security PM core team needs your help to gather some very detailed Data Center information as we work on refining future product features. We have built up a 20 question anonymous survey that we would appreciate your input regardless if you are a current customer or a prospect.

The anonymous survey is on the what/how/when of securing workloads for storage platforms/applications in a Data Center which opened yesterday and close on 26 March 2014. Any SysAdmin/Security Admin should be able to complete this as we are working to understand needs of customers' business for security of storage, and protection from anti-virus and malware in the Enterprise.

Help us define our next-generation Data Center Security Products and have your voice clearly heard. Our Product Management team is conducting an anonymous survey that will take a maximum of 10 minutes to fill out on https://...

SebastianZ | 13 Mar 2014 | 0 comments

Symantec Help (SymHelp) is a diagnostic utility used to help automate support for multiple Symantec products.  SymHelp features a new utility, the Threat Analysis Scan, that can help to identify suspicious files on a system.  This new feature replaces the previously known Load Point Analysis and Power Eraser tools.

Use the Threat Analysis Scan when you believe there might be malware on a system but security software is either unable to detect it or to remediate it. The Threat Analysis Scan can help to identify the following types of malware

  • New variants of existing threats that are not detected by the current definition sets
  • Fake antivirus applications and other rogueware
  • Rootkits
  • System settings that have been tampered with maliciously

Because the Threat Analysis Scan uses aggressive heuristics to detect these threats, there is a risk that...

SebastianZ | 06 Mar 2014 | 2 comments

Symantec has released the newest version of Symantec Protection Engine for NAS and Symantec Protection Engine for Cloud Services

The release build number is 7.5.0.34

To download this release go to: https://symantec.flexnetoperations.com/control/symc/registeranonymouslicensetoken

Symantec Protection Engine for Cloud Services:

spe_cs.png

Symantec Protection Engine for NAS:

spe_nas.png

What's New in Protection Engine for Cloud Services 7.5 and Symantec Protection Engine for NAS 7.5

  • New hypervisor support: Symantec Protection Engine...
Sara Pan | 03 Mar 2014 | 2 comments

We have an important update to share with you regarding Symantec Network Access Control. At Symantec, we actively monitor security threats and trends in the industry, and after careful review and consideration, we have made the decision to End of Life (EOL) Symantec Network Access Control. The growth of Bring Your Own Device (BYOD) and the integration of access control technology into networking devices offered by most network hardware vendors have reduced the need for standalone NAC solutions. The discontinuation of Symantec Network Access Control will free up valuable resources to focus on our endpoint security offerings, including advanced threat protection and protection from newer security risks that impact your enterprise today.

Moving forward, Host Integrity, a feature of Symantec Network Access Control, will be integrated into a future release of Symantec Endpoint Protection (SEP). Customers who have SEP entitlement can continue to use the Host Integrity feature....

Chip Epps | 03 Mar 2014 | 0 comments

Virtualization and “software defined” initiatives have shifted how we look at security controls. Let’s take a look at some of the factors to consider in designing security controls for a software defined data center (SDDC). To this end, Symantec has introduced a suite of data center security products:

  • Symantec Data Center Security: Server, and
  • Symantec Data Center Security: Server Advanced

dcs-blog-1.png

Key Challenges:

Abstraction
Security has often leveraged or worked within “physical” boundaries, e.g. a single task server with fixed resources (CPU, memory, disk space). Administrators could easily associate a piece of hardware, in location X, with a particular set of applications or services. With abstraction and the advancement of virtualization comes the transition...

Brian Burch | 25 Feb 2014 | 0 comments

Over the next few weeks, 23 million small businesses will file their taxes.[1]  While many of these companies are investing time and money to identify their 2013 tax deductions,  most don’t realize that small businesses like theirs are being identified as online targets—an oversight that could result in devastating financial loss for their business.  And at tax time, small businesses are especially lucrative targets for cybercriminals, particularly in the BYOD era where work and personal data is accessed on the same device, including bank records and sensitive emails.

In today’s interconnected world, organized crime syndicates utilize a variety of malicious tax-themed scams designed to lure victims and steal important financial information. For example, Symantec has detected a rise in tax-season-specific ‘phishing’ scams—referring to the attempted theft of sensitive information such as usernames, passwords, or...

SebastianZ | 25 Feb 2014 | 0 comments

Apple released a security update of iOS 7.0.6 - details as follows:

---------

Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

CVE-ID-> CVE-2014-1266:

The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary private...

Chetan Savade | 21 Feb 2014 | 3 comments

Hello,

Symantec Endpoint Protection 12.1.4a and 11.0.7.4a has been released on Feb 13' 2014.

The Builds version is: 12.1.4023.4080

SEP released version details are available here: https://www-secure.symantec.com/connect/articles/what-are-symantec-endpoint-protection-sep-versions-released-officially

Download here Symantec Endpoint Protection 12.1.4a and 11.0.7.4a :

https://symantec.flexnetoperations.com/control/symc/registeranonymouslicensetoken

SEP 12.1 Enterprise Edition:

12.4a_1.jpg

For Small Business Customer 12.1:

...