Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
Chetan Savade | 21 Feb 2014 | 3 comments

Hello,

Symantec Endpoint Protection 12.1.4a and 11.0.7.4a has been released on Feb 13' 2014.

The Builds version is: 12.1.4023.4080

SEP released version details are available here: https://www-secure.symantec.com/connect/articles/what-are-symantec-endpoint-protection-sep-versions-released-officially

Download here Symantec Endpoint Protection 12.1.4a and 11.0.7.4a :

https://symantec.flexnetoperations.com/control/symc/registeranonymouslicensetoken

SEP 12.1 Enterprise Edition:

12.4a_1.jpg

For Small Business Customer 12.1:

...

SebastianZ | 11 Feb 2014 | 0 comments

Microsoft Security Bulletin

On Tuesday the 11th of February Microsoft released the monthly Security Bulletin Summary for February 2014. The summary includes 7 Security Bulletins - 4 are classified as critical; 3 as important:

 

  • MS14-010    Cumulative Security Update for Internet Explorer (2909921)

Vulnerability impact: Critical - Remote Code Execution
Affected Software:
Microsoft Windows, Internet ExplorerSumamry

  • MS14-011    Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)

Vulnerability impact: Critical - Remote Code Execution
Affected Software: Microsoft Windows

  • MS14-007    Vulnerability in Direct2D Could Allow Remote Code Execution...
Vince Kornacki | 10 Feb 2014 | 11 comments

​In previous installments we installed our mobile development toolchain and cross compiled LIBPCAP and TCPDUMP. Now it's finally time to install and execute TCPDUMP! CyanogenMod includes a terminal emulator, however in my humble opinion it's much easier to type commands on a regular workstation keyboard. We can utilize the Android Debug Bridge (ADB) in order to connect to our CyanogenMod Mobile Device from our Debian Workstation. First we'll need to install the ADB package onto our Debian Workstation:

root@debian $ apt-get install android-tools-adb
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
android-tools-adb
[OUTPUT TRUNCATED]

Next we'll need to enable USB debugging on our CyanogenMod Mobile Device. Open the CyanogenMod "Settings" application and notice that there's currently no "Developer...

Vince Kornacki | 10 Feb 2014 | 3 comments

In the previous installment we installed our mobile development toolchain. Let's keep the party rockin' and download the latest versions of LIBPCAP and TCPDUMP. LIBPCAP is the packet capture library required by TCPDUMP. First let's unpack LIBPCAP and move into the newly created LIBPCAP directory:

root@debian $ tar zxvf libpcap-1.6.1.tar.gz
libpcap-1.6.1/
libpcap-1.6.1/grammar.y
libpcap-1.6.1/pcap_setnonblock.3pcap
libpcap-1.6.1/fad-glifc.c
[OUTPUT TRUNCATED]

root@debian $ cd libpcap-1.6.1

Now it’s time to make the magic happen! Time to cross compile TCPDUMP! I know that’s not as exciting as pulling a rabbit out of hat or sawing a lovely assistant in half, but you can only do so much in a blog post. First we'll need to set the "CC" environment variable to specify the ARM C compiler:

root@debian $ export CC=arm-linux-gnueabi-gcc

Note this environment variable syntax is specific to Bash and...

The Conquistador | 07 Feb 2014 | 2 comments

I have come across some instances where servers would have failing services or instances where they would have perticularly unusual behavior. Typically resulting in a restart of the services or the server. Even with the most current version of SEP, malicious/dangerous files can still be hidden. I have had a few cases where I ran complete windows updates and have found malicious files that SEP did not detect. I have come to learn that SEP alone cannot get rid of every threat out there, so I make sure that my systems are up to date and alerts are in place if anything occurs. The approach I will use is to run a complete scan of a suspected machine, clean and make sure it is up to date. I would advise caution depending on what your server is utilized for.

I would continue to make sure that it is current with Windows and SEP updates. If there is an instance that is repetitive there is a pretty large chance that this is an undetced infection.

DomSYMC | 05 Feb 2014 | 0 comments

Within Authentication Services there are three types of SSL certificates. These different types of SSL certificates each contain different features and level of authentication that is required in order to get it issued. Understanding these differences can prepare you in knowing what you need to prepare for in order to get the certificate issued as fast as possible.

The Three Types Are:

Extended Validation (EV) SSL
Examples: Secure Site with EV, Secure Site Pro with EV, True business ID with EV, SSL Web Server with EV, MPKI for SSL EV validated

A premium business class SSL security product fully authenticated, visually confirming the highest level of authentication available among SSL certificates. It gives your customers two highly  visible ways to confirm that your web site is secure—the green address bar and the True Site Seal, while providing strong encryption to protect their confidential...

SebastianZ | 29 Jan 2014 | 0 comments

Data Privacy Day led by National Cyber Security Alliance being held in the United States and Canada on 28 January 2014 alongside of the Data Protection Day celebration in Europe. The purpose of Data Privacy day is to raise awareness and promote data privacy education. For those not able to attend - there is a free stream recording available at: http://www.ustream.tv/staysafeonline

- See more at: http://www.staysafeonline.org/data-privacy-day/about

smartblogger | 28 Jan 2014 | 0 comments

An SSL certificate is a mode of authenticating a website and securing the transactions, as well as the data communicated through the website by users. It is, therefore, a critical tool for any website that is involved in e-commerce or similar ventures. Any responsible webmaster understands the indispensable value of this tool to the success of their website.

The first step to have your website SSL certified involves acquiring an SSL certificate from the companies that deal in internet based security. These companies will create the certificate for the website as well as a private key. The private key is what enables the webmaster to use the certificate that they have acquired. Many times SSL certificate India providers, in order to boost the security of the certificate; will delete all copies of the key from their server. This means that a webmaster must store his or her copy of the key quite securely to prevent it from getting lost. The webmaster will need to sign the...

SebastianZ | 27 Jan 2014 | 1 comment

Fortinet’s FortiGuard Labs has published a very interesting whitepaper about 10 years anniversary of mobile malware. According to the study mobile malware is evolving quite rapidly - only in 2013 researchers of FortiGuard have see more than 1300 new malicious applications per day with up to 400.000 malicious applications in total.

The whitepaper goes back up to 2004 and the first mobile worm - Cabir (infecting Nokia phones) up to year 2013 and arrival of first Ransomware for Android devices - FakeDefend.

Reference:
The World’s First Mobile Malware Celebrates its 10th Birthday
http://www.fortinet.com/resource_center/whitepapers/10th-anniversary-of-first-mobile-malware.html

...

SebastianZ | 27 Jan 2014 | 0 comments

Spoofed websites for popular social apps have been observed for some time now - recent reports from Malwarebytes show that one of the most popular mobile app - WhatsApp has been targetted recently as well.

The particular site at question aimed at Russian speakers and offered app download for broad scope of mobile devices - IOS, Android, Windows Phone and Blackberry. The site was resambling the legitimate website quite a bit with lot of code scrambled from the oficial website. The unsuspecting users downloading the application would get infected by variant of Android SMS Trojan that once installed would start sending text messages to premium rate numbers.

 

Reference:

Spoofed Whatsapp site delivers polymorphic SMS Trojan
http://www.net-security.org/malware_news.php?id=2687...