Introducing Symantec Work Mail – the same secure email app, but with a new look and feel, streamlined workflows, and enhanced capabilities.

We’ve listened to our users and completely redesigned our secure email app to make it easier for you to get your work done. New features include a modern look and feel, enhanced menus and icons, and streamlined workflows, so you can complete essential tasks faster. 

Enhanced Interactions

Symantec Work Mail now has touch and swipe-friendly navigation and menus. The main navigation is now a slider navigation that lets you easily toggle between Mail, Contacts, Calendar, Tasks, and Notes. You can also expand Mail to see all your email folders and jump to one of them. The email action menu gives you desktop Outlook functionality to easily flag, file, or delete emails with easy-to-tap icons at your fingertips.

Push Notifications

Work Mail now also supports push notifications, so you’ll now see a badge notification when new email is received. This will keep your emails updated throughout the day, rather than just when you open the app. 

Timeline

These updates are planned for the next release of Work Mail for iOS – coming soon! User interface redesigns for Work Mail for Android, and TouchDown for iOS and Android will follow.

Be sure to follow us on Twitter and FaceBook for the latest news!

Crypto-type malware is particularly nasty to deal with because it encrypts files.  While an infected file has had code added to it which antivirus can remove, an encrypted file isn’t repairable without the unique encryption key that was used. The criminals using crypto-type malware intend to sell you the unique key, giving you access to your files for a price. For this reason, crypto-type malware is also frequently called Ransomware. 

The key to dealing with crypto-type malware is prevention and planning.  While it is assumed you have antivirus and IPS protection in place, the criminals using crypto-malware are constantly updating code to avoid detection by these systems. Since the damage these threats do is often irreversible, taking additional steps to protect yourself is advised.

Preventive Measures

• Do not follow unsolicited web links in email messages or submit any information to webpages in links.
• Use caution when opening email attachments.
• Keep operating systems and software, including anti-virus, up-to-date with the latest patches.
• Perform regular backups of all systems/data to avoid serious consequences should your system fall under attack

Typically, we see crypto-type malware delivered by exploit kits on compromised web pages. Exploit kits actively scan a visiting machine and deliver threats through any exploitable vulnerabilities it was able to detect. For this reason we advise that along with IPS, the operating systems, web browsers, Java installations, and all other software be kept up to date with the latest patches.

Currently we are seeing an increase in reports of a crypto-malware called “CTB-Locker”. Diagnosing a specific variant from a picture is difficult as the criminals frequently re-use the digital “ransom note”, but for the spam campaign currently underway, we have detection of the final payload as Trojan.Cryptolocker.E

The current malicious spam campaign has one additional detail which can be used to control outbreaks. The initial attack vector is an email with a ZIP attachment claiming to be a FAX or invoice. The ZIP contains a threat we identify as Downloader.Ponik, and this is what downloads the crypto malware attachment. The file is typically a .SCR which gives you two additional tools to prevent an infection.

• Block SCR attachments at the mail gateway
• Implement an Application and Device Control policy in SEP or via a GPO that prevents SCR files from executing across the network.

There are new variants of these threats coming out every hour and desktop AV is, at its core, reactive. If you have received an email containing a file you have reason to suspect, or have already received such a file and are experiencing symptoms, please submit the file to Symantec. Unfortunately, submitting an encrypted file is of no diagnostic use and we cannot decrypt these files for you, they will need to be restored from backup.    

Link to VIDEO: http://youtu.be/xy3SkOm8kIw

A quick tour through some of the outstanding features of Symantec IT Management Suite, powered by Altiris technology.

Learn more by visiting:

http://www.symantec.com/endpoint-management/

Like&Share with your colleagues customers and friends

Regards,

Mauro

Legacy BIOS Vs UEFI

More info at:

https://technet.microsoft.com/en-us/library/hh825112.aspx

More info at:

https://technet.microsoft.com/en-us/library/dn336946.aspx

NOTE:

If you found the above information useful, please give this article a thumbs-up(top right of the post) or add a comment below. Your feedback will help the Symantec tech community – Thank you, Mauro

SYMANTEC OFFICIAL RULES FOR THE

Bubble Wrap Appreciation Day FACEBOOK SWEEPSTAKES DRAWING

THE BUBBLE WRAP APPRECIATION DAY FACEBOOK SWEEPSTAKES DRAWING IS OPEN TO LEGAL RESIDENTS OF THE 50 UNITED STATES AND THE DISTRICT OF COLUMBIA (EXCLUDING GUAM, PUERTO RICO, AND ALL OTHER U.S. TERRITORIES AND POSSESSIONS) AND CANADA (EXCLUDING QUEBEC) WHO ARE THE AGE OF MAJORITY IN THEIR STATE OF RESIDENCE AND AT LEAST 18  YEARS OR OLDER.  THIS DRAWING SHALL BE CONSTRUCTED AND EVALUATED ACCORDING TO CALIFORNIA LAW.

NO PURCHASE NECESSARY TO ENTER OR WIN.  PURCHASE WILL NOT INCREASE YOUR CHANCE OF WINNING.

BY PARTICIPATING IN THE DRAWING, YOU ACCEPT AND AGREE TO BE BOUND BY THESE “OFFICIAL RULES” AND THE DECISIONS OF THE JUDGES AND/OR SPONSOR RELATIVE TO THIS DRAWING.

1. SPONSOR

The Symantec Bubble Wrap Appreciation Day Facebook Drawing (the "Drawing") is sponsored by Symantec Corporation (the "Sponsor"), 350 Ellis Street, Mountain View, California, 94043, U.S.A. The Drawing begins on January 26, 2015 at 12:00:00am Pacific Time (PT) and ends January 28, 2015 at 11:59:59pm PT (the "Drawing Period"). 

THIS DRAWING IS IN NOT SPONSORED, ENDORSED OR ADMINISTRATED BY, OR ASSOCIATED WITH FACEBOOK.

2. ELIGIBILITY – VOID WHERE PROHIBITED

This Drawing is open to legal residents of one of the fifty United States or the District of Columbia and Canada (except Quebec), who have reached the age of majority in their state or of residence as of the starting date of the Drawing Period (“Participant”).  Each Participant must have an account on www.facebook.com.  Persons in any of the following categories are NOT eligible to enter, participate in, or win the Drawing: (a) persons who on or after the starting date of the Drawing Period were or are officers, directors or employees of Symantec Corporation, or any of its subsidiary, affiliated companies, service agencies, or independent contractors; and (b) persons who are immediate family members (defined as spouse or biological or step-mother, father, sister, brother, daughter, or son and each of their respective spouses) of any person in any of the preceding categories, regardless of where they live, and/or individuals who reside in the same household, whether related or not, as any person in any of the preceding categories. Any questions and/or issues concerning eligibility shall be determined at the sole discretion of the Sponsor.  This Drawing is void in Guam, Puerto Rico, and where prohibited by law.  Employees or representative of government agencies or organizations are not eligible to participate.

Participants understand that by participating in this Drawing, they are providing their information to Sponsor and not to Facebook. Further, Participants specifically release Facebook from any and all liability associated with this Drawing. The information you provide will be used as provided in Sponsor's privacy policy (provide link). Any questions, comments or complaints regarding this Drawing shall be directed to Sponsor and not to Facebook. Participation constitutes Participant’s full and unconditional agreement to these Official Rules and Sponsor's and/or Judges' decisions, which are final and binding in all matters related to the Drawing.  Winning a prize is contingent upon fulfilling all requirements set forth herein.

3. HOW TO ENTER.  NO PURCHASE NECESSARY.  PURCHASE WILL NOT INCREASE YOUR CHANCE OF WINNING.

You must have a valid Facebook account in order to participate.  You can enter the Drawing by following these steps during the Drawing Period (“Entry”):

1. Visit www.facebook.com/SymantecWebsiteSecuritySolutions

2. Like the Website Security Solutions Facebook Page

3. Comment on the questions in the Post related to the Drawing

General Requirements 

In addition to the above-listed required steps, all Participants must abide by these General Requirements:

• Your Entry must be in English.

• Your Entry must not:

  a. violate applicable law;

  b. depict hatred;

  c. be in bad taste;

  d. denigrate (or be derogatory toward) any person or group of persons or any race, ethnic group, or culture;

  e. threaten a specific community in society, including any specific race, ethnic group, or culture;

  f. incite violence or be likely to incite violence;

  g. contain vulgar or obscene language or excessive violence;

  h. contain pornography, obscenity, or sexual activity; or

  i. disparage the Sponsor. 

• Your Entry must be original, your sole property, and not previously published or submitted in any other Drawing.

• Your Entry must not violate any right of a third party including, but not limited to: copyright, trademark, any other intellectual property right, right of publicity, confidentiality, and privacy. Please do not include the name or logo of any company or product produced by a manufacturer other than Symantec.

  By submitting an Entry, you agree that Sponsor has the unrestricted right to use your Entry in whole or in part, commercially or non-commercially in any media known or unknown in perpetuity, worldwide, including the right to publish and display the Entry for advertising and publicity, and to edit and make derivative works, all without additional review or compensation. Additionally, you agree that Sponsor may post your Entry, including your name on its sponsored websites and/or third-party sites. 

Limit one (1) entry per person, regardless of the number of Facebook accounts used, for the duration of the Drawing Period.  If you enter or attempt to enter more than once using multiple Facebook identities, all of your entries may be declared null and void, and you may be disqualified and ineligible to participate in this Drawing.  Duplicate entries and/or other mechanical reproductions of entries are not permitted.  Illegible or incomplete entries will be disqualified.

Your entry may be disqualified, at the sole discretion of Sponsor if you attempt to enter through any means other than by the online submission requirement herein, if you disrupt the Drawing or circumvent the terms and conditions of these Official Rules, or violate the Facebook Terms of Service or Facebook Rules (https://www.facebook.com/policies/?ref=pf), which govern the use of Facebook.  If any of the above occurs, Sponsor has the right to remedy any such action, disruption, or circumvention in a manner to be solely determined by Sponsor.

4. PRIZES

Symantec will award the following prize in the Drawing:

The total estimated retail value of all of the prizes to be awarded under the Drawing is US$30.00.  The odds of winning depend on the number of eligible entries received during the Drawing Period.  Prizes are not transferable or exchangeable, or redeemable for cash.  No prize substitution is allowed, except Sponsor may substitute a comparable prize at Sponsor’s sole discretion.  Winner is solely responsible for any applicable federal, state, provincial, and local taxes.  Any other costs and expenses associated with prize acceptance and use not specified herein as being provided are winner’s sole responsibility.  All details and other restrictions of prizes not specified in these Official Rules will be determined by Sponsor in its sole discretion.

5. SELECTION OF WINNER; NEED NOT BE PRESENT TO WIN

A total of one (1) potential winner will be selected by random drawing on or around January 28, 2015 at Symantec Corporation, 350 Ellis Street, Mountain View, CA.

Potential winner will be notified via his or her Facebook email account (e.g., “Congrats [Username!] You are a winner!  To claim your prize, email Symantec at brook_chelmo@symantec.com with your contact information”).  Potential winners must respond via Facebook within 7 business days of notification by sending an email message to brook_chelmo@symantec.com with your contact information.  There will be no additional media or channels utilized to announce winners. 

If a potential winner is (i) found to be ineligible or not in compliance with these Official Rules, (ii) declines to accept a prize, (iii) if Sponsor does not receive a timely response to a winner notification, or (iv) in the event that a prize notification or prize is returned undeliverable, then the corresponding prize will be forfeited, the potential winner disqualified, and at the Sponsor's sole discretion, the prize may be awarded to an alternate winner chosen by Sponsor’s judges.  Potential winners may be required to furnish proof of identification.  Before being declared a winner, potential winner must execute and return an Affidavit of Eligibility and Waiver of Liability within seven (7) business days from the postmarked date as having been sent by the Sponsor's representative or otherwise the corresponding prize may be forfeited.

In the event of a dispute as to the identity of an entrant, the affected entry will be deemed submitted by the authorized account holder of the Facebook account used to enter the prize drawing.  A potential winner may be required to provide Sponsor with proof that the potential winner is the authorized holder of the associated Facebook account or email account.  An authorized account holder is defined as the natural person who is assigned to the Facebook account by Facebook, Inc.  If a dispute cannot be resolved to Sponsor's satisfaction, the affected entry will be deemed disqualified and ineligible to win a prize, but these Official Rules will otherwise continue to govern the affected entry.

6. CONDITIONS

BY PARTICIPATING IN THE DRAWING, YOU AGREE TO RELEASE AND HOLD SPONSOR, FACEBOOK, THEIR RESPECTIVE PARENT COMPANIES, SUBSIDIARIES, AFFILIATES, PRODUCTION AND ADVERTISING AGENCIES, AND EACH OF THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES AND AGENTS (COLLECTIVELY, THE “RELEASED PARTIES”) HARMLESS FROM ANY AND ALL LOSSES, DAMAGES, RIGHTS, AND CLAIMS OF ANY KIND IN CONNECTION WITH THE DRAWING, DRAWING-RELATED ACTIVITY,  OR YOUR ACCEPTANCE, POSSESSION, USE OR MISUSE OF ANY PRIZE, INCLUDING, WITHOUT LIMITATION, PERSONAL INJURIES, PROPERTY DAMAGE, INVASION OF PRIVACY, AND MERCHANDISE DELIVERY.

Sponsor assumes no responsibility for any damage to your computer device which is occasioned by participation in the Drawing, or for any computer device, phone line, hardware, website, software or program malfunctions, or other errors, failures, delayed computer transmissions or network connections that are human or technical in nature. 

All federal, state, provincial, and local laws apply.  Without limiting the generality of the foregoing, Sponsor is not responsible for incomplete, illegible, typographical errors, misdirected, misprinted, late, lost, damaged, stolen, or intercepted Drawing entries or prize notifications; or for lost, interrupted, inaccessible or unavailable networks, servers, satellites, Internet Service Providers, websites, or other connections; or for miscommunications, failed, jumbled, scrambled, delayed, or misdirected tweets, or computer, telephone or cable transmissions; or for any technical malfunctions, failures, difficulties or other errors of any kind or nature; or for the incorrect or inaccurate capture of information, or the failure to capture any information.  In the case of any of the aforementioned events occur, Sponsor shall have the right to modify, suspend, or terminate the Drawing in its sole discretion.  Sponsor reserves the right in its sole discretion to disqualify any individual who is found to be tampering with the entry process or the operation of the Drawing, or to be acting in violation of these Official Rules, or to be acting in an unsportsmanlike or disruptive manner, or with the intent to disrupt or undermine the legitimate operation of the Drawing, or to annoy, abuse, threaten or harass any other person, and Sponsor reserves the right to seek damages and other remedies from any such person to the fullest extent permitted by law.  In the event Sponsor is prevented from awarding prize(s) or continuing with the Drawing as contemplated herein by any event beyond its control, including but not limited to fire, flood, natural or man-made epidemic, earthquake, explosion, labor dispute or strike, act of God or public enemy, satellite, equipment or software failure, riot or civil disturbance, terrorist threat or activity, war (declared or undeclared) or any federal state or local government law, order, or regulation, public health crisis (e.g. SARS), order of any court or jurisdiction, or other cause not reasonably within Sponsor’s control (each a “Force Majeure” event or occurrence), then subject to any governmental approval which may be required, Sponsor shall have the right to modify, suspend, or terminate the Drawing in its sole discretion. 

By entering the Drawing, you agree: (i) to be bound by these Official Rules and by all applicable laws and decisions of Sponsor which shall be binding and final; (ii) to waive any rights to claim ambiguity with respect to these Official Rules; (iii) to waive all of rights to bring any claim, action, or proceeding against the Released Parties in connection with the Drawing; and (iv) to forever and irrevocably agree to release, defend, indemnify, and hold harmless the Released Parties from any and all claims, lawsuits, judgments, causes of action, proceedings, demands, fines, penalties, liability costs and expenses (including, without limitation, reasonable outside attorneys’ fees) that may arise in connection with your participation in this Drawing.

By posting to Facebook, you must (i) make no false or misleading representations or advertisements with regard to Sponsor; (ii) make no statements regarding Sponsor that you do not have a reasonable basis for or that are inconsistent with your honest opinions, findings, beliefs, or experiences; (iii) comply with all applicable laws and regulations, including but not limited to advertising and marketing laws such as the Federal Trade Commission’s Endorsement Guidelines; (iv) comply with the Facebook terms of service and other policies; and (vi) comply with any other policies of Sponsor as may be communicated to you during the Drawing Period.

All issues and questions concerning the construction, validity, interpretation and enforceability of these Official Rules, or the rights and obligations of a Participant and/or Sponsor in connection with the Drawing, will be governed by, and construed in accordance with, the laws of the State of California without regard to California conflicts of law principles.  All Participants consent to the exclusive jurisdiction and venue in Santa Clara County, California, U.S.A.

The invalidity or unenforceability of any provision of these Official Rules will not affect the validity or enforceability of any other provision. In the event that any provision is determined to be invalid or otherwise unenforceable or illegal, these Official Rules will otherwise remain in effect and will be construed in accordance with their terms as if the invalid or illegal provision were not contained herein. In particular, Sponsor’s employees are not authorized to waive, modify, or amend any provision or provisions of these Official Rules in any manner whatsoever.

By entering the Drawing, Participants agree to the terms of Sponsor’s Privacy Policy (http://www.symantec.com/about/profile/privacypolicy/index.jsp). Unless Participants indicate otherwise at the time of entry, personal information collected from Participants may be used by Sponsor for the purpose of not only administering this Drawing but also contacting you regarding your interest in Sponsor’s products and services.  Winner’s name and identity will be publicly announced via Facebook.

AFFIDAVIT OF ELIGIBILITY AND WAIVER OF LIABILITY

By signing below, the undersigned Participant in the Symantec Bubble Wrap Appreciation Day Facebook Drawing (the "Drawing") sponsored by Symantec Corporation (“Symantec”) hereby attests that, prior to participating in the Drawing he/she read the Official Rules for the Drawing and has previously agreed that his/her participation in the Drawing is governed exclusively by those Official Rules.  In consideration for the prize awarded to Participant through his/her participation in the Drawing, Participant agrees and acknowledges as follows:

1.   Eligibility: Participant was at least 18 years old and had reached the age of majority in his/her state of residence as of the starting date of the Drawing Period, and is an individual eligible to participate in the Drawing in accordance with the Official Rules, and, accordingly, is eligible to receive any prize awarded to him/her through the Drawing.  Participant acknowledges that his/her right to receive a prize may not be transferred, substituted for another prize, or exchanged for cash, and that Participant is solely responsible for all taxes or governmental fees due for receiving, owning, or using the prize.  Should it thereafter be discovered or determined that Participant was not eligible to receive a prize, Participant agrees to return such prize within ten days of written notice by Symantec, or by a duly authorized agent of Symantec, and to pay all costs associated with the return of such prize.

2.   Waiver of Liability: As set forth in the Official Rules, Participant hereby releases Symantec and Facebook, and their respective subsidiaries, affiliates, agencies, and their respective officers, directors, employees and representatives (collectively, the “Released Parties”) from any and all liability, loss, or damage arising from Participant’s acceptance, possession, or use of a prize, including, but not limited to, claims for product liability, personal injury, breach of contract, and negligence.  Participant acknowledges and agrees that the Released Parties make no warranty, expressed or implied, with respect to the accuracy of any information relating to the prizes awarded, including pricing and product editorials, and Participant hereby waives and releases the Released Parties from any liability, loss, or damage caused directly or indirectly by any inaccuracy associated with such information.  Without in any way limiting the generality of the foregoing, Participant agrees that this waiver embraces, covers and includes each, every, and all matters, transactions, causes of action, claims, demands and obligations arising in favor of Participant as against the Released Parties relating to Participant's participation in the Drawing.  Participant hereby waives any and all rights under the provisions of California Civil Code Section 1542, which provides as follows:

A general release does not extend to claims which the creditor does not know or suspect to exist in his or her favor at the time of executing the release which if known by him must have materially affected his or her settlement with the debtor.

3.   Governing Law: Participant agrees that any dispute that arises as a consequence of his/her participation in the Drawing will be governed by the laws of the State of California.

Participant:     __________________________________                                                                                               

Signature:    _______________________________________                                                                                                   

Date:  ______________________                     

Address: ____________________________                                                                  

               ____________________________                                                                                                          

Email Address:     ____________________________

Os consoles de jogos atuais são computadores independentes, mas que ainda não são suscetíveis ao malware como os PCs e outros dispositivos. Embora os consoles ainda sejam resistentes ao malware, há outros meios de acesso que os criminosos cibernéticos podem tentar usar para ter acesso às suas importantes contas de jogos.

Além das tentativas de phishing em contas de jogos, os jogos online podem sofrer ataques de negação de serviço distribuída (DDoS) dos hackers. Esses ataques não envolvem diretamente os consoles do usuário. Os hackers preferem atacar os servidores do fabricante do jogo criando um intenso e intencional tráfego na rede, o que causa inevitavelmente interrupção do serviço.

Como os consoles estão vulneráveis?

Os criminosos estão interessados principalmente em obter as credenciais das contas de usuários, como nome do usuário e senha. Ao ter acesso à conta de jogos, esses criminosos podem roubar o estoque de jogos do usuário e até mesmo toda a conta.

Os itens que um jogador coleta durante o jogo, como armas, ouro e prata virtuais e realizações desbloqueadas, têm grande valor e podem ser vendidos por dinheiro real em vários sites de jogos clandestinos. Alguns jogos oferecem compras, o que significa que há uma chance de haver informações de pagamento, como cartão de crédito, associadas à conta, permitindo que o hacker faça compras não autorizadas de jogos e itens de jogos.

Como os criminosos cibernéticos têm acesso às contas dos jogos?

Normalmente eles tentam golpes de phishing através de e-mail, engenharia social e até mesmo serviço de mensagens ou chat dos jogos. Os golpistas podem se passar por algum funcionário do fabricante do jogo, alertando sobre um problema com a sua conta, e tentar direcionar você a um site malicioso, pedindo que você faça o login para solucionar o problema.

Outra tática comum é a oferta de pontos gratuitos, brindes e disputas. Para que você receber seu "prêmio", os phishers o levarão a um site malicioso e solicitarão que você faça o login com as credenciais de sua conta.

Além dessas táticas, as credenciais da conta também podem vazar através de violação de dados na empresa fabricante do jogo ou com outros parceiros associados.

Como manter a segurança de suas contas de jogos

• Use sempre uma senha segura e mude-a com frequência, mais ou menos a cada 3 meses.
• Informe-se sobre os golpes de phishing e saiba como ficar atento a eles. Tome cuidado com e-mails de remetentes desconhecidos e nunca faça o download de arquivos suspeitos nem clique em links desconhecidos.
• Tome cuidado com os fóruns de jogos online, que é outra área frequentada pelos golpistas, que tentam enganar os usuários, convencendo-os a divulgar as credenciais da sua conta.
• Proteja sua rede doméstica. Tudo está conectado: computador, telefone, tablet e até mesmo outros aparelhos como televisões. Apesar de ainda não ter surgido nenhum malware direcionado aos consoles, alguns malwares podem acessar outros dispositivos de sua rede, onde talvez possam obter informações confidenciais dos usuários. Comece protegendo o roteador da Internet. Altere a senha padrão no dispositivo. Instale um programa de firewall ou ative-o no roteador, caso tenha um disponível. Além dessas proteções, é importante também contar com um conjunto de software de segurança na Internet, como o Norton Security no computador, telefone e outros dispositivos conectados à rede. Isso impedirá que o malware acesse sua rede.
• Lembre-se: os fabricantes de jogos jamais entrarão em contato com você solicitando suas credenciais. Caso você acredite ter algum problema com a sua conta, acesse diretamente o site da empresa em um navegador em vez de clicar nos links contidos nas mensagens recebidas.
• Se tiver ocorrido uma violação de dados que envolva as credenciais da conta de usuário, tente fazer o login na sua conta imediatamente e mude a senha. Caso não consiga mudar sua senha, entre em contato diretamente com o fabricante do jogo.

Embora os consoles de jogos estejam relativamente protegidos contra ataques de malware, as contas de usuário ainda estão vulneráveis. Usando o senso comum e as dicas mencionadas neste artigo, você protegerá não só suas informações pessoais, mas também o precioso tempo que você investiu no desenvolvimento de seu personagem e nas realizações conquistadas no jogo.

Las consolas de juegos actuales son equipos independientes, pero aún no están en la etapa en la que son vulnerables a software malicioso del mismo modo que las PCs y otros dispositivos. Si bien el impacto del software malicioso es limitado en las consolas, existen modos en que los cibercriminales intentan acceder a las cuentas de juegos en línea.

Además de los intentos de phishing en las cuentas de juegos de los usuarios, los juegos en línea pueden ser afectados por hackers mediante ataques distribuidos de negación de servicio (DDoS). Estos ataques no involucran directamente las consolas de los usuarios, sino que los hackers inundan intencionalmente los servidores de las empresas de juegos con tráfico de red con el objetivo final de detener la red.

¿Cómo las consolas pueden ser vulnerables?

Lo que más interesa a los cibercriminales es obtener credenciales, datos y valor de las cuentas de los jugadores, incluyendo nombres de usuario y contraseñas. Si los cibercriminales tienen acceso a las cuentas, pueden robar el inventario de juegos del usuario e incluso vaciar la cuenta completa.

Los elementos que el jugador obtuvo durante el juego, como armas, oro y plata virtuales y logros desbloqueados, tienen valor de venta a cambio de dinero real en varios sitios de juegos clandestinos. Algunos incluso ofrecen posibilidad de hacer compras, lo que significa que probablemente haya información de pago asociada a la cuenta, por ejemplo, una tarjeta de crédito; de esta manera, el hacker puede adquirir juegos y elementos de juegos sin autorización.

¿De qué manera los cibercriminales obtienen acceso a cuentas de juegos en línea?

En general, los cibercriminales utilizan intentos de engaños (phishing) mediante correo electrónico, ingeniería social e incluso chat y aplicaciones internas de mensajería del propio juego. Los estafadores pueden hacerse pasar por representantes de la empresa de juegos, alertarle sobre un supuesto un problema con su cuenta e intentar dirigir al usuario a un sitio web malicioso donde le solicitarán que inicie sesión para resolver el problema.

Otra táctica común es la de ofrecer puntos gratuitos, obsequios y premios. Para obtenerlos, los ciberatacantes dirigirán al usuario a un sitio web malicioso y le solicitarán que inicie sesión con las credenciales de su cuenta.

Además de estas tácticas, en ocasiones suele suceder que las credenciales de la cuenta de los usuarios se filtran mediante una fuga de datos que puede sufrir la misma empresa de juegos o de alguno de sus socios.

¿Cómo protegernos al jugar en línea?

• Usar siempre una contraseña segura y cambiarla con frecuencia. Cada 3 meses, como mínimo
• Informarse sobre estafas / phishing y estar alerta. Sea precavido con los correos electrónicos y mensajes de remitentes desconocidos y nunca descargue archivos sospechosos ni haga clic en vínculos desconocidos.
• Actuar con precaución en los foros de juegos en línea, otro lugar que los estafadores suelen frecuentar con el objetivo de engañar a los usuarios para que divulguen las credenciales de sus cuentas.
• Proteger la red de casa. Todo está conectado: nuestro equipo, el teléfono, la tablet e incluso algunos electrodomésticos (por ejemplo, televisores). Si bien todavía no existe software malicioso destinado a consolas, hay software malicioso que puede acceder a otros dispositivos de la red y obtener información confidencial del usuario. En primer lugar, proteja su router de Internet. Asegúrese de haber cambiado la contraseña predeterminada del dispositivo. Instale un programa de firewall o, si tiene uno disponible, habilítelo en su router. Además de estos mecanismos de protección, asegúrese de contar un paquete completo de software de seguridad en Internet como Norton Security en su equipo, teléfono y demás dispositivos conectados a su red. Esto le ayudará a evitar que el software malicioso acceda a la red.
• Recuerde: las empresas de juegos nunca le contactarán para pedirle sus credenciales y, si cree que hay un problema en su cuenta, vaya directamente al sitio web de la empresa desde un navegador web en lugar de hacer clic en vínculos que aparecen en los mensajes.
• Si la empresa sufrió una fuga de datos que afecta las credenciales de las cuentas de sus usuarios, intente iniciar sesión en su cuenta inmediatamente y cambiar su contraseña. Si no puede cambiar su contraseña, contacte con la empresa de juegos directamente.

Usar el sentido común y los consejos mencionados en este artículo ayudarán a proteger nuestra información personal y el tiempo valioso que invirtió en desarrollar y alcanzar diversos objetivos y metas dentro del juego.

There’s no better way to learn something than by doing. With this in mind, Symantec created CyberWar Games, an innovative approach to understanding the cyber threats our customers face every day by giving employees the opportunity to walk in the shoes of the attacker.  CyberWar Games allows employees to better understand an attacker’s motives, tactics, techniques, and goals from the hacker’s point of view. Similarly, when a pilot goes through the process to obtain a pilot’s license, they don’t just read a few books, hop into a cockpit and fly the next red eye off of the runway. Instead, they’re trained in classes and spend hours upon hours in simulations before even touching the controls of a real plane. In the same fashion that pilots are trained, we are training our employees to become stronger experts in cyber security.

Four years ago, Symantec’s Cyber Security Services, launched our first annual Cyber War Games, an internal event that provides Symantec employees the opportunity to better understand the challenges that present themselves within the cyber security landscape. The games give Symantec employees of all technical levels a first hand opportunity to learn how an attacker can exploit networks, applications, products, solutions and more, through a simulated real world environment. Obtaining this unique knowledge about threats allows our employees to help cultivate their security IQ and change the way they think about emerging threats and cyber criminal tactics. One employee, who previously participated in the games, stated  “The challenge gave me more insight on what I should focus on when doing internal audits and securing our network.”

CyberWar Games simulations differ from regular training exercises, in that they are a fully immersive experience.  Instead of having our employees go through disconnected individual hacking exercises, CWG provides  a complete interactive challenge with an objective. This allows our employees to experience an attack from start to finish and understand the tools and thought processes that hackers commonly use. The simulations are modeled after high profile incidents reported in the media, and use the five phases of an attack: reconnaissance, incursion, discovery, capture and exfiltration. One employee commented “The realism of the games are beneficial, I thought all the scenarios were well thought up, very similar to real world situations and things that could happen. The challenge really makes you think a bit more about security.”  

The games are open to all Symantec employees, not just the security experts, and are designed to include individuals with little to no technical experience. As a result, all of our employees, no matter their role in the company have benefited from the games. On how well rounded these events are for all Symantec employees, another participant said, “I look forward to seeing future events like this. In security training, there is a lack of practical hands-on experiences for many admins. This event provided a fantastic experience to both new and old members of the security field.”

CyberWar Games have also helped empower employees on the sales teams to better communicate the value of our products and services to our customers, and have overall helped employees worldwide improve their existing skillsets.

As a result of participating in the games, and knowing how the adversary operates, Symantec employees are improving our products and services and ultimately helping our customers to prepare, detect and respond to the threats of today and tomorrow.

The new look of Enterprise Vault Search (EVS) has received lots of positive feedback and appreciation from the EV customers and partners. To keep the ball rolling more user friendly features have been added to EVS in EV11.0.1. Along with the new features, Tablet and Mobile support has also been added in SP1.

Below is the brief description of the new features.

Actions Menu 

In EV11.0.1 Actions Menu feature has been introduced to support Enterprise Vault Search (EVS) on Tablet devices. Actions menu is available in both desktop as well as tablet version of EVS.  With the help actions menu users can perform all the right click operations available in the application. The options in the actions menu are dynamic and vary based on the user selection. Actions Menu also provides a quick way to Show\Hide the sidebar and also allows user to instantly change the reading pane orientation.                                                                                                                                                             

Startup Location

This feature allows you to select a folder or archive to be used as a startup location when EVS is launched next time or every time. Read more about Startup Location.                                                                                                                                                                           

Actionable Breadcrumb

In EV11.0.1 the breadcrumb within EVS will be actionable. This will help user to easily navigate through the folders which are part of deep hierarchy.                                                                                                                                                            

EVS Support for Tablet Device

In the new release EVS desktop version has been tuned to work on most of the Tablet devices. For a list of supported OS and Browser version read Pg#83 onwards of EV Compatibility Chart.                                                                                                                                                  

EVS Support for Smartphones

Enterprise Vault Search can now be accessed through most of the smartphones. A new web based application has been developed to provide seamless access to your Exchange and Internet Mail archives. For a list of supported OS and Browser version read Pg#83 onwards of EV Compatibility Chart. Read more about EVS Mobile                                                                                                                                                                

In EV11.0.1 Enterprise Vault Search allows end user to set a startup location in the user preferences. With this feature you can directly access your favorite folder without navigating or going through a series of mouse clicks. Startup Location allows user to select a folder or an archive as a default startup when the Enterprise Vault Search is launched next time. In the user preferences there are two options to set the startup location

1) Last Accessed Archive or Folder  

This option is selected by default and every time EVS is launched it navigates user to the folder or archive that user had last accessed before closing EVS.

2) Selected Archive or Folder

This option allows to user to select any folder or archive to set a as a startup location. Choose button launches a new window with a list of archives accessible to the user. The folder selected as a startup location is displayed in the user preferences.

Note: The selected option persists across browsers and sessions.

Last month London’s The Copper Box Arena at the Olympic Park transformed into a city of science and technology exploration for students. TeenTech organizes events across England and Ireland to inspire tomorrow’s innovators by bringing to life the variety of opportunities in science, technology, engineering, and math (STEM). Five hundred students from forty-two schools across London spent the day immersed in hands-on activities. Two hundred professionals, including a team of Symantec volunteers, shared real life challenges and experiences of STEM careers. It was an opportunity to bring the students’ curriculum to life but also to introduce career paths that they may not have known even existed. Students could design their own mobile apps, interact with Watson, IBM’s artificially intelligent computer, or see 3D mapping technology in action.

Here at Symantec - we believe in giving something back - taking responsibility for educating and contributing to the development of a better society, creating a safer place for people, businesses and governments. Participating at TeenTech is one way that Symantec can contribute to building a brighter future.

We hosted several 25 minute breakout sessions for the students to learn about the vulnerabilities of the internet and password security. This took the form of a “Cyber Spies” challenge which involved the children witnessing a “packet capture” – an extract of what the “bad guys” might listen to when two friends are using a non-secure instant messaging service to communicate. The children’s challenge was to use the information in this conversation to guess a password to a Facebook account. We also had them do a treasure hunt on social media channels like Facebook, Twitter, and Tumblr to find public personal information. To add some friendly competition the children were pitched against each other to see who could complete the task the quickest. 

The day was a rewarding experience for everyone that was involved. We know how important Corporate Responsibility is for a company's public persona, but it’s much more than that - we do it because we care about educating the next generations. These young people are the generations that will become our leaders, educators, healers and innovators.

To learn more about Symantec’s commitment to Your Information, visit us here. 

Michelle Davies is Symantec's Senior Principal Marketing Specialist UK&I 

I have been working with NetBackup since 6.5 as a consultant and from time to time I have seen flat file windows backups fail with 156 errors, which is a snapshot failure. A snapshot is not typically used when doing these types of backups. To avoid these failures do the following;

Admin console > Host Properties > Master Servers > Client Attributes > Add Client (short of FQDN - however seen in netbackup) > TAB Windows Open File Backup > Snapshot error control > SELECT disable snapshot and continue

BE SURE TO DOUBLE CHECK SNAPSHOTS ARE NOT CONFIGURED FOR THIS CLIENT ON OTHER POLICIES BEFORE MAKING THIS CHANGE -- for example: if doing a windows backup for the operating system and a snapshot\backup of the Exchange database on that same server.

Hope this helps!

In our first two posts in this series, we discussed the challenges of Android in the enterprise and provided tips to help secure Android to enable its adoption. In this post, we’ll dive into the potential threats and risky behaviors of mobile apps for Android.

Mobile devices and apps are no longer an option for the enterprise, but a necessity. They help employees become more productive in this increasingly mobile world. Unfortunately, in this on-demand app environment, many employees simply won’t wait for company issued tools. Instead, they find and use business apps on their own.

The result?  IT has virtually no control and visibility over what apps are accessing corporate data, where the apps are downloaded from or what risks these apps may pose the enterprise. Industry analyst, Gartner, claims that 75% of all mobile apps will fail basic security tests. This is an alarming percentage, given the growing number of employees downloading and using the apps of their choice to access enterprise data and networks.

The mobile app risk is especially acute for Android. Due to the open nature of Android, apps can be downloaded from countless sources, such as Google Play, third-party app stores and even users sideloading apps to their phones. IT simply cannot track the validity and safety of all of these apps.

Symantec has developed unique and dynamic app intelligence by analyzing over 15 million apps across 200+ app stores, including Google Play. We’ve identified that more than 20% of these apps are malicious. While malware is a growing concern, as Android takes more of the market share; another, larger concern is focused on the behavior of the apps themselves. These risky app behaviors include:

• Tracking users. Mobile spy apps track activity on a mobile device. They collect texts and call logs, monitor GPS coordinates, record calls, and grab photos and videos. The volume of user-tracking incidents increased in 2013 from 15 percent to 30 percent, indicating that this type of user data is becoming more commercially valuable to hackers.
• Stealing information. Some apps collect device-specific and user-specific data, such as device information, configuration data, and personal and enterprise content.
• Reconfiguring devices. These apps elevate privileges or modify settings in a device’s operating system, which can open the door to attackers.
• Piggybacking on accounts. Many apps cost organizations money by using mobile accounts to send text messages, make phone calls, or consume data.
• Compromising two-factor authentication. Some apps intercept text messages carrying one-time login codes, enabling hackers to gain unauthorized access to user accounts.
• Leveraging mobile OS vulnerabilities. The recent Android Fake ID vulnerability enabled hackers to steal personal information such as passwords and financial data from Android users via an app that used phony security credentials to access other apps on a user’s device.

Symantec’s exclusive technology, Norton Mobile Insight and Norton Community Watch, can help protect the organization from these mobile threats.  By performing real-time static and dynamic analysis combined with machine learning, Norton Mobile Insight understands an apps behavior and the risks involved in keeping an app on a device. Norton Community Watch is a vibrant network of millions of users who allow Symantec to collect anonymous metadata, performance data and previously unseen apps on their devices (25% of the apps analyzed were not distributed via apps stores).

This data and analysis combined with robust policy controls in Symantec Mobility: Suite help protect the enterprise against data leaks via apps, malicious apps, so IT administrators can have one less challenge to deal with while trying to adopt Android into their workforce.