Posts Tagged ‘Symantec’

Symantec Corp

Symantec Control Compliance Suite 11

Symantec has released a new version of its solution class GRC (Governance, Risk and Compliance) under the name Symantec CCS (Control Compliance Suite) 11.

The objective of this solution is the implementation of today’s complex requirements for manageability, risk and compliance. This modular system allows you to solve a number of problems, which have previously been prohibitively complex.

In the past, Symantec has already proposed solutions class GRC, but in version 11 CCS has implemented a number of interesting innovations. One of these new products is the main module of Risk Manager, which automates many of the processes of management and auditing. In addition, Symantec CSS 11 assists IT-managers to better understand how complex IT-infrastructure affect critical aspects of the enterprise, including the risks and compliance with data protection.

Symantec CCS package 11 is a local solution for installation in the customer’s network. With this package IT-managers can audit risks, protection of personal data, as well as control of the overall manageability of IT-infrastructure. To install the package need a server running Windows Server 2003 SP2 or 2008 and Microsoft SQL Server database later version 2005 SP2. (more…)

Windows 8

Windows 8 is vulnerable to attack

The researchers checked the accuracy of the statement that the new OS is more secure than the previous platform.

Due to the fact that the interest of users in the recently released Windows 8 is very small, the researchers decided to find out whether a new version of the operating system is more secure than the previous ones.

According to experts Symantec, despite the fact that they were able to detect only one type of malicious application for Windows 7 that can attack users of Windows 8, they do not doubt in the gradual emergence of an increasing number of viruses for the new platform.

Researchers from the antivirus company Bitdefender, in turn, decided to find out how Windows 8 and its enhanced security to cope with the ‘old’ threats.

Analysts conducted a test with 385 malicious applications leads the list of the most common viruses and two personal computers that are running the new operating system of Microsoft. In this case, one of the PCs was activated Windows Defender. (more…)

Symantec Corp

Symantec Protection Center

Next Generation of Symantec’s Security Management solution.

Symantec Protection Center – is a console for centralized security management. Combining analytical tools Security and automation, it allows the timely and targeted actions to address incidents and proactively protect key systems and information resources.

Symantec Protection Center: Effective protection against today’s blended threats requires a coordinated control of multiple security systems and information about the security situation in order to reduce risks and facilitate management. With no means to summarize and rank the risk factors for products, groups and regions, organizations can easily miss the serious threats and compromise its security. Package Symantec Protection Center 2.0 – is a centralized management console for security systems that allow organizations to identify potential threats, prioritize tasks, and reduce the time of the adoption of protective measures on the basis of accurate and timely information.

“Display information about the safety records of internal threats and information on global threats in real time in a single web-based interface that supports the individual role of representations is critical to reduce the transaction costs associated with security and increases the ability of organizations to take immediate action against targeted attacks that hide their presence, “– said Lawrence Pingree, Director of Research (transformation of data centers and” cloud “security), Gartner. (more…)

Symantec CorpExperts fix the growth in the number of targeted attacks with using of the Windows Help File  (.hlp).

According to Symantec, an antivirus company experts have recorded the fact using of hackers files .hlp, (use help system “Windows Help”), in targeted attacks. In this case, the researchers note, the priority is given to attacks against government and industrial sectors.

Under assumptions of Symantec, Windows Help files are increasingly being used for targeted attacks because of the success of such attacks do not need to resort to the use of exploits.

“The functionality of the help file permits a call to the Windows API which, in turn, permits shell code execution and the installation of malicious payload files,” – says the expert. (more…)

Malware Trojan Horse

using the mouse to hide itself

The company Symantec announces new Trojans that embeds malicious code in your command will be executed when the mouse event handling. The virus can bypass the automated detection of threats, since its work no one uses the mouse.

According to data provided by the experts, this Trojan starts its work after a period of time in which not using the mouse. In particular, the malicious program unpacks his malicious code in 5 minutes, then waiting another 20 minutes, and added to the registry. Trojan network activity starts another 20 minutes later. This tactic allows the virus to remain undetected.

Another variant of the malware uses the Windows API – SetWindowsHookExA – to embed itself into the function that is responsible for the processes of the mouse. In normal operation, the Windows user sooner or later will make some action with the mouse and thereby activates a Trojan. (more…)

Symantec CorpVirus writers have created a monthly basis for some 33 malware in 2011.

According to Symantec, in 2011, was found 400 examples of malware that can bypass the automated malware analysis.

“If malware can hide itself from the automated analysis of the threats, they can mingle with millions of other files, and anti-virus software will not calculate them” – said representatives of Symantec.

Malware authors supply their development mechanism to detect the sandbox. In particular, such mechanisms include “registry scan”, “check the video drivers”, “use of special programs in assembly language” as well as the mechanism of “check-defined process.” (more…)

Symantec CorpSymantec has conducted investigation into the attacks of “zero-day” (zero-day attack), received discouraging results: on average, hackers are able to unauthorized use of unknown vulnerabilities in a wide range of over 312 days or 10 months. Furthermore, the number and severity of these attacks in recent times only grow.

Exploit “zero day”, as the combination of a vulnerability, is not widely publicized, and the tools to exploit this vulnerability, an attacker in order to have great value for cybercriminals. Once the vulnerability becomes generally known, developers, and system administrators are beginning to work actively to block or neutralize the threat, then the next exploit “zero day” becomes almost useless to cybercriminals. (more…)

Symantec CorpSymantec has announced a solution for the protection of workstations and servers designed specifically for small and medium businesses – Endpoint Protection Small Business Edition 2013.

This solution has centralized management in the form of a cloud service, the same as an application installed on the server of the company. By simplifying the deployment process, the company can move to the cloud option, without prejudice to the workflow. Now, when the number of cyber attacks on small businesses (250 employees or less) and has already doubled up 36% of all targeted attacks, this solution provides these businesses protection of their information.

In Symantec say Endpoint Protection Small Business Edition 2013 offers users advanced protection from viruses and malware, in which technology is applied Insight reputation scanning and behavior analysis SONAR. Thanks to them, the system detects new threats and neutralize them from the start. The new version of the solution is compatible with Windows 8, and can carry protection for computers with the new operating system from Microsoft. (more…)

Symantec CorpZero-day vulnerabilities and exploits dominate headlines and most heated information security discussions.

Researchers at Symantec’s tried to assess how active attackers use 0day-vulnerability and what is the average “shelf life” of this vulnerability, before it becomes known to the public and vendors, which releases a patch.

Practical study of this kind can not, for obvious reasons, because 0day-vulnerability by definition are unknown. Malware is not detected by antivirus software. However, experts Symatec developed a method of automatic recognition of 0day-attacks after the fact, according to the statistics of real binary file downloaded by 11 million computers around the world in February 2008 to March 2011 year. They conducted an empirical study, some interesting results. Presentation was held two days ago at a conference Association of Computing Machinery. (more…)

Symantec CorpAccording to Symantec, in the past month, the flow of spam advertising, phishing and malicious messages increased slightly. The level of spam in email traffic was 75.0%, 2.7 points higher than in August.

More junk email from other suffering people of Saudi Arabia (84.9%), and the division by sectors of economic activity – educators (77.9%) and entertainment (77.6%). Among the countries that spammers are leading India (17.4% of spam traffic) and Saudi Arabia (11.7%). The top five for this indicator also includes the United States (6.1%), Turkey (5.1%) and Canada (4.9%).

The most common theme is illegitimate messages advertising pornographic and dating sites, which share in August increased to 47.93%. Flows have also increased advertising replica designer goods, offers employment and casino spam (12.49, 7.83 and 2.26% respectively). Farmaspama share in total garbage posts decreased by 5 points, but still significant (27.64%). (more…)