Video Screencast Help

Brandon Noble

Member Profile

Brandon Noble Symantec Employee

Status: -
Job Title: Security Response Liaison - Incident Response Officer

As a subject matter expert on threats in a corporate/enterprise environment, I assist our tech support agents and customers in understanding how malicious code will affect and infect their environment, as well as develop strategies to defend against it. Additionally, our team helps to prioritize the Support organization's needs for engineering work from the Symantec Security Response organization.
Although we are seldom in direct contact with a customer, we operate behind-the-scenes to enable mutual understanding of the threat, the infection vectors it uses, and any risks to intellectual property.

Member for: 11 years 45 weeks
Contribution Stats
Forum Threads
Blog Entries
Group Joined

Brandon Noble's Activity

New article 22 Jun 2017
Vault 7 is a series of documents that WikiLeaks began to publish on 7 March 2017, that allegedly detail activities and capabilities of the United States Central Intelligence Agency to perform electronic surveillance and cyber warfare. The files, dated from 2013–2016 ...
New article 20 Jun 2017
In April 2017, an attack group calling itself the TheShadowBrokers, released a trove of data it claims to have stolen from the Equation cyberespionage group. The data contains a range of exploits and tools the attack group state were used by Equation. TheShadowBrokers said that the data dump ...
New article 07 Jun 2017
In May of 2017, Symantec added a Risk detection for the tool Winexe. Winexe is a Linux based application that allows the execution of commands remotely on Windows based OSes. It installs a service on the remote system, executes the command and can then uninstall the ...
New blog entry 26 Jan 2016
I. BACKGROUND: On Thanksgiving weekend 2009, the threat landscape exploded with multiple global outbreaks of W32.Qakbot. That run lasted through January of 2010, and ...
New blog entry 06 Dec 2015
9 月 29 日火曜日から、シマンテックのお客様は、ファイルの場所を示す URL を指定するだけで、専用の Web サイトからファイルをご提出いただけるようになります。 これまで、シマンテックにファイルをお送りいただくには、該当のファイルをダウンロードしてから、送信ポータルにアップロードしなければなりませんでした。今回の新機能により、お客様がダウンロード URL ...
New blog entry 28 Sep 2015
Starting Tuesday September 29th, our customers will be able to submit files through the submission website, by supplying a URL where the file can be found. Currently customers must download a file and then submit it to Symantec by uploading through our submission portal. This new ...
New blog entry 20 Jan 2015
Crypto-type malware is particularly nasty to deal with because it encrypts files.  While an infected file has had code added to it which antivirus can remove, an encrypted file isn’t repairable without the unique encryption key that was used. The criminals using crypto-type malware ...
New blog entry 19 Dec 2014
Support is seeing an influx of calls on a spam attack with a Downloader.Upatre threat. Because the threat is a downloader and the downloaded files have differing behaviors the following is general information on what we are seeing. The threat ...
New blog entry 01 Aug 2014
Security Response is aware of an alert from US-CERT regarding a threat they are calling Backoff. This threat family is reported to target Point of Sale machines with the purpose of logging key strokes and scraping memory for data ...
New blog entry 23 Jan 2014
Recently we have seen a re-emergence of polymorphic file infectors, AKA viruses. Threats like W32.Sality and
New blog entry 30 Dec 2013
I. BACKGROUND: We have been dealing with new Sality variants for more than 12 years and the Sality.AE family for a little over 9…the variants keep coming. It has become one of the most common file infectors reported by Enterprise customers. With its ability to move ...
New blog entry 29 May 2013
Over the past several months we have had inquiries from concerned customers claiming Symantec was scanning their forward facing IPs for vulnerabilities. After some research and some extremely tense meetings it was determined that this was actually part of a service the customer had purchased ...