Hi Scott K,
Thanks for the post. This is an alert regarding the Cloud Hopper campaign that has been in the news recently. Symantec Security Response has been monitoring the APT group responsible for many years. I can confirm that more than a dozen different AV and IPS signatures are in place against the tools known to be used, and these defenses are continuously improved in response to new samples that are encountered.
Be sure that the environment is hardened, that all SEP components are in use, and that end users are training to recognize phishing mails. This article has many good tips:
Symantec Endpoint Protection – Best Practices
http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0