Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Symantec Analyst Relations
Showing posts tagged with Security
Showing posts in English
Symantec Analyst Relations | 25 Sep 2014 | 0 comments

Originally posted in Security Response

A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems, in addition to Mac OS X (which is based around Unix). Known as the “Bash Bug” or “Shellshock,” the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271) could allow an attacker to gain control over a targeted computer if exploited successfully.

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and Unix. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating system will then run.

Bash can also be used to run commands passed to it by applications and it is this feature that the vulnerability affects. One type of command that...

James Hanlon | 20 May 2014 | 0 comments

For enterprises, these are testing times in the extreme. Never have IT departments – and the businesses that they support – been more exposed than they are today.

IT departments are challenged at every turn – with pressure from business leaders asking “is the business safe from cyber attacks?”; rapidly evolving IT estate complexity, including mobile rollouts, new cloud deployments and emerging software-defined data centres. IT relies heavily on its security teams, who are left to deal with disconnected security architectures and struggle with underfunding, and often a lack of incident investigation resources to be able to deal effectively with the waves of security incidents.

The thing is that attackers know this and are constantly seeking to extend their reach into the very fabric of the IT operations. As a result, many organisations are left vulnerable and at risk.

And it’s the nature of the attacks that are causing most consternation. Today’s...

Paul Wood | 08 Apr 2014 | 0 comments

In security as in business, information is power. As we put together the latest edition of the Internet Security Threat Report, we wanted to do more than simply throw some figures out there. As a result, Volume 19 presents a comprehensive analysis of last year’s threats according to publicly available information and events within Symantec’s purview, as well as detailed guidance about what security professionals can do in response. 

At the top level of the report, the main finding was a rapid and significant increase in breaches leading to the exposure of individual identities - employee, customer and patient details. Overall a total of 552 million identities were exposed, across 253 significant security breaches. 

Just as significantly, many of these breaches took place in the final quarter of the year, suggesting that we are at the beginning of a slew of such attacks - one of the reasons we felt pressed to include detailed advice in...

D Thomson | 28 Mar 2014 | 0 comments

I believe that the IT industry will, in the future, hold far more responsibility for radical changes to culture and society than ever before. The Internet of Things (IoT) will see humanity take a new foundation on which to build things (the Internet) and start to create architectures and services that fundamentally change the way we live our lives. Just in the past few weeks, I have spoken to entrepreneurs and large businesses that are seeding technological concepts that could, eventually, touch all of us in very meaningful and real ways. It is difficult (especially for a technologist like me) not to get excited about self-driving cars that learn from each other, connected homes that allow us to remotely monitor and control our personal spaces and smart meters that have a profound impact on a nations energy consumption. But, as I have discussed before, there are likely to be unintended consequences to all of these ideas that technologists (even the really clever ones) are likely to...

Sian John | 26 Feb 2014 | 0 comments

It can often seem that security measures exist to stop people from doing things, or to try to catch them out if they do. Across organisations, an broadening range of mechanisms can be used to ensure staff are not breaking the rules - raising the increasingly important question - how can security needs be balanced with employee privacy?

The answer is not straightforward. All manner of techniques are available to system administrators, security managers or senior management, including Data Leakage Prevention (DLP) and Deep Packet Inspection, but also extending to simply using privileges to gain access to the content of employee emails.

Not only is the potential for abuse clear and present but also, the corporate environment is becoming more complicated. A person's smartphone may connect to the corporate guest LAN - does this make it fair game for monitoring? What about use of  location information or CCTV, to help process efficiency or monitor for...

msmart007 | 13 Feb 2014 | 0 comments

Virtualisation brings enormous benefits to organisations everywhere, fundamentally altering the way in which they do business. It’s not a new concept, of course, but we are now seeing it being applied across areas that go way beyond simply machines and hosts.

Let’s look first at the virtualised world itself and its adoption among organisations: Enterprises are now operating at around 50-55% virtualisation in their data centres, with the goal of taking that to 90% or even higher. It’s a huge opportunity and a massive challenge, especially when it comes to security; because security has always struggled to keep up in the virtualised environment.

Generally speaking, there is a ‘tax’ to be paid when you put security into such an environment and usually that tax relates to performance – everything tends to run much slower. The upshot is that you no longer have the capacity you want and need – which runs counter to the whole point of having virtualisation in the first place...

D Thomson | 12 Feb 2014 | 0 comments

It’s still early days for the Internet of Things (IoT). While some are suggesting a complete revolution in 'smart' physical objects which will change our lives, I don’t think anyone will notice that much of a difference in the short term. Even so, over the next couple of years we will see all kinds of new devices connect to the internet, from plug sockets to plant pot monitors.

Each becomes not just a data source but also, potentially, a controllable device - and as such has a potential security impact. For a start, smart devices inevitably create data, which may need to be protected depending on the risks that surround it. Risk factors may not always be obvious - for example, burglars might be able to hack into a lighting control system to determine if a building is empty, before breaking and entering.

Speaking of which, we have the fact that smart devices are, in fact, tiny computers which can be hacked, corrupted or otherwise abused. We’ve...

Symantec Analyst Relations | 23 Jan 2014 | 0 comments

This Blog was originally posted in Security Response.

Could your baby monitor be used to spy on you? Is your television keeping tabs on your viewing habits? Is it possible for your car to be hacked by malicious attackers? Or could a perfectly innocent looking device like a set-top box or Internet router be used as the gateway to gain access to your home computer?

A growing number of devices are becoming the focus of security threats as the Internet of Things (IoT) becomes a reality. What is the Internet of Things? Essentially, we are moving into an era when it isn’t just computers that are connected to the Internet. Household appliances, security systems, home heating and lighting, and even cars are all becoming Internet-enabled. The grand vision is of a world where almost anything can be connected—hence the Internet of Things.

Exciting new developments are in the offing. A...

Symantec Analyst Relations | 22 Jan 2014 | 0 comments

As fans of Formula 1 eagerly await the new season, big changes are coming that will have a major impact on the sport. It’s something that Lotus F1 Team readily acknowledges will be a huge challenge. But they will be ready to take on whatever comes their way, they insist, just as their long-term partner Symantec is also embracing transformation throughout its business.

In fact, Lotus F1 Team sees itself and Symantec as being on something of a parallel journey, as they manage their rapidly altering business landscapes – very different, it might seem, yet driven by a common purpose: to be the best at what they do.

It is Symantec’s ability to achieve that goal, time and again, that has made Lotus F1 Team such a committed consumer and champion of its solutions. But first, back to those big changes in Formula 1. “For next season, the amount of fuel that can be used in a race is limited to 100kg, so none of the cars will have enough to finish the race,” Michael Taylor  ...

Sian John | 02 Jan 2014 | 0 comments

Based on discussions we are having across our customer base, we know that the Internet of Things (IoT) is a growing phenomenon. It’s not particularly new - after all, organisations have been monitoring the state of their buildings and equipment, and managing where things are in the supply chain, for many years now. What’s changing is the range and scale of physical objects that we’re starting to see connected, from air conditioning units to office doors. 

From our perspective of course, we are very interested in what this means in security terms. So, should organisations allow increasing numbers of devices and objects to connect to the Internet, or block all attempts to do so? From our perspective, the answer lies in being aware of the risks of doing so, and acting accordingly. 

As a starting point, we believe the challenges lie in misusing what is likely to mean a major new entry point to the organisation. We already have a major...