Articles on this Page
- 07/19/16--05:57: _REPORT: Organizatio...
- 07/19/16--22:59: _レポート: 増加するランサムウェアの脅...
- 07/19/16--23:12: _报告:各机构必须对勒索软件日益增加的威...
- 07/20/16--10:06: _Symantec at Black H...
- 07/20/16--14:50: _Findings from the r...
- 07/21/16--06:06: _Tinder safe dating ...
- 07/21/16--09:50: _Symantec Uncovers N...
- 07/21/16--09:58: _Your Greatest Way t...
- 07/21/16--23:40: _Tinder安全交友垃圾邮件利用安全问...
- 07/22/16--01:56: _出会い系アプリ Tinder に出現し...
- 07/22/16--06:08: _Scan Engine
- 07/22/16--08:46: _Attend the Symantec...
- 07/25/16--05:56: _Patchwork cyberespi...
- 07/26/16--18:11: _Patchwork网络间谍团伙将目标从...
- 07/26/16--23:23: _サイバースパイグループ Patchwo...
- 07/27/16--06:00: _Another media-steal...
- 07/27/16--10:12: _The Patent Truth Ab...
- 07/27/16--23:54: _メディアを盗み出すアプリ、Google...
- 07/28/16--00:11: _谷歌电子市场发现另一种可盗取媒体文件的...
- 08/01/16--05:38: _Symantec CEO Greg C...
- 07/19/16--22:59: レポート: 増加するランサムウェアの脅威に、企業も対策を
- 07/19/16--23:12: 报告:各机构必须对勒索软件日益增加的威胁做出响应
- 07/20/16--10:06: Symantec at Black Hat 2016
- "Hack the Vote": Visit our booth to cast your vote in a simulated presidential election and learn how cyber vulnerabilities could affect the election process.
- Theater Presentations: Join our interactive presentations to learn more about Symantec solutions and win fabulous prizes.
- Capture the Flag: Hunt for security vulnerabilities in a system and go home with high-tech gadgets.
- Ask the Experts Espresso Bar: Have a coffee with our security experts while clarifying your questions and deep-diving into Symantec solutions.
- 07/20/16--14:50: Findings from the recent Symantec Certified satisfaction survey
- 75% report better job performance
- 55% report faster identification and resolution of issues
- 52% report more complete utilization of the full functionality of SYMC products
- 50% report being Symantec Certified contributes to influencing the purchase or renewal of Symantec software
- 46% report being asked about Symantec certification by employers and/or recruiters
- 36% won a customer bid / contract
- 35% are able to justify recommendations to purchase or renew Symantec products or technologies
- 07/21/16--06:06: Tinder safe dating spam uses safety to scam users out of money
- The MATI team has observed a significant amount of cybercrime coming from Egypt, Iran, Lebanon and Turkey.
- Locky and other ransomware variants as well as Trojan downloaders are currently the most common malware threat found communicating with MENA BPHS infrastructure.
- Attractive pricing and improved tech infrastructure is driving increased use by a wide variety of actors.
- These BPHS providers have been observed facilitating multiple cybercrime operations, including operating phishing sites and command-and-control servers, as well as supporting infrastructure aimed at delivering high volumes of ransomware variants such as Locky, CryptoLocker and DMALocker to compromised hosts. Other identified criminal activity observed includes distributing Trojan downloaders such as Pony and Upatre, which have been observed in past criminal endeavors delivering banking Trojans such as Dridex, Vawtrak (a.k.a. Snifula), URLZone and other malware.
- Sophisticated pricing structures are a key element of the cybercriminals’ marketing strategy. Their promotions boast incentives such as price reductions for referrals, 3-for-2 pricing packages, credits for switching BPHS providers, and discounts for buying services in specified countries.
- The identified actors have well-developed activity in other regions, and they have identifiable names, aliases and email addresses. Some of the provider’s activities are documented as far back as 2008.
- In the past, these providers have been linked with infrastructure used in widespread criminal operations involving financial malware such as Dyre, Tiny Banker (a.k.a. Tinba), and Dridex.
- Keep up with the research in all the MATI reports on the MENA region to better understand trends in the marketplace.
- Use the technical indicators of compromise supplied to conduct further research on your organization’s security exposure. Also, tune your security protections such as firewalls and IDS/IPS. This step is critical to building a strong line of defense against these malicious actors.
- Once gaps are identified, adjust strategic, operational and tactical controls to strengthen your security posture.
- Use the MATI-provided intelligence along with your internal information sources to augment your ongoing threat intelligence operation.
- 07/21/16--09:58: Your Greatest Way to Give Back May be What You Already Know
- Eileen Brewer, Senior Manager, Security Appliances Team, Volunteer of the Quarter
- Kuldeep Khanijow, Senior Principal Business Ops Analyst
- Mohna Dhomse, Senior Manager, Info Development
- Devanshi Sheth, Principal Program Manager
- 07/21/16--23:40: Tinder安全交友垃圾邮件利用安全问题诈骗用户钱财
- 07/22/16--01:56: 出会い系アプリ Tinder に出現したスパムが、安全性を悪用してユーザーから金銭を奪取
- 07/22/16--06:08: Scan Engine
- Compelling Keynotes: See FBI Director James Comey and OPM Acting Director Beth Cobert take the stage.
- Top-notch Experts: Join leaders from DHS, DISA, HHS, NARA, NGA, State Department, TSA, and more to discuss today’s most pressing cyber issues.
- Engaging TECHTalks: Hear from Jane Holl Lute, special coordinator, United Nations, and Nuala O’Connor, president and CEO, Center for Democracy and Technology, for a discussion on balancing privacy and security.
- Relevant Content: Attend interactive sessions to examine issues at the forefront of government cyber security, including cyber intelligence, risk management, insider threats, and much more.
- Interactive TechXpo: Explore innovative cyber security solutions, programs, and simulations with industry and government exhibitors, including DHS’s Enhanced Cybersecurity Services, ISSA, NICCS, and NIST.
- 2016 Symantec Government Symposium
- Symantec Government Report: 2016 Internet Security Threat Report
- How to Approach Innovation by Symantec CSO Tim Fitzgerald
- 07/26/16--18:11: Patchwork网络间谍团伙将目标从政府机构扩展至各行各业
- 07/26/16--23:23: サイバースパイグループ Patchwork、政府関係から各種の産業へ標的を拡大
- 07/27/16--06:00: Another media-stealing app found on Google Play
- 07/27/16--10:12: The Patent Truth About Women in Tech
- 07/27/16--23:54: メディアを盗み出すアプリ、Google Play に再び出現
- 07/28/16--00:11: 谷歌电子市场发现另一种可盗取媒体文件的应用程序
- 08/01/16--05:38: Symantec CEO Greg Clark Ushers in New Era of Cyber Security
New Symantec report finds ransomware numbers and ransom demands are on the rise, with corporations increasingly coming into the line of fire.
Black Hat, one of the most technical and global information security event series, returns to Las Vegas, Nevada for its 19th year. Join Symantec’s security researchers and experts as they share their analysis of the latest cyber threats, trends, and attackers.
Whether you enjoy the entertaining simulacra casinos of “Paris” or “New York” or the ancient Egyptian Pyramids, you realize the threat of cyber attacks is real and serious. Symantec can help deliver concrete, actionable intelligence―while combining fun and innovative cyber security scenarios like “Capture the Flag”―a security challenge for visitors to test their skills and hunt for security vulnerabilities in a system.
Heading to Black Hat 2016 in Las Vegas? Don’t miss the following Symantec sessions:
Title:The Unbearable Lightness of Cyber Security
Speaker: Antonio Forzieri, Global Cyber Security Practice Lead, Symantec
Date: Wednesday, August 3
Location: Reef B – Exhibit Hall
Abstract: Even the most sophisticated security teams can struggle with the basics of maintaining a strong security posture. Learn how to extend the capabilities of your security teams so you can move beyond the basics to minimize detection and response times, reduce operational costs, and get ahead of emerging threats.
Title:Hardening AWS Environments and Automating Incident Response for AWS Compromises
Speakers: Alex McCormack, Principal Software Engineer, Symantec; Andrew Krug, Senior Software Engineer, Symantec
Date: Thursday, August 4
Location: Lagoon K
Abstract: The cloud offers the ability to respond to an incident by programmatically collecting evidence and quarantining instances, but with this programmatic ability comes the risk of a compromised API key. Learn about custom tooling so the entire incident response process can be automated based on certain triggers within the AWS account.
Be Sure to Visit Symantec at Booth #523
Interact with our experts and learn more about Symantec while winning fabulous prizes. Daily raffles of an Oculus Rift Bundle! Don’t miss out on any of these:
For more information on sessions, booth activities, resources and more, visit Symantec Black Hat 2016.
As a leader in global cyber security, Symantec is uniquely positioned to help organizations reduce risk, speed up remediation, and grow business confidently. We’re thrilled to be a part of Black Hat 2016.
See you there!
Did you know…? As a result of the process to become Symantec Certified:
Learn more at http://go.symantec.com/certification
Scammers drive users to fake verification site that signs them up to adult webcam and erotic video websites.
Symantec Uncovers New Details on Cybercriminals in the Middle East and North Africa
Project Desert Host highlights tactics, techniques and procedures of adversaries in region
Symantec analysts have observed a spike in malicious activity – chiefly ransomware variants, such as Locky, Cryptolocker, and DMA Locker – communicating with bullet proof hosting service (BPHS) infrastructure in four key Middle East and North Africa (MENA) countries: Egypt, Iran, Lebanon, and Turkey. These are among the details highlighted in the latest report from Symantec’s DeepSight Intelligence Managed Adversary and Threat Intelligence (MATI) on MENA cybercrime.
Titled “Project Desert Host: Three Identified Bulletproof Hosting Providers”, the report is the second in a series connected with Project Desert Host, which represents the MATI team’s ongoing research on cybercriminal activity in the MENA region. It provides additional findings surrounding the criminal marketplace and actors behind the BPHS advertisements and offerings.
DeepSight’s MATI report highlights the following findings:
MATI analysts tracked multiple actors engaged in advertising on MENA-based hosting services. All are Russian speaking. In-depth profiles of several of these BPHS providers, including their TTPs, their pricing, and their infrastructure, are covered in this new installment.
More on the ongoing research effort
MATI research on cybercrime connected to BPHS in the MENA region is a multi-stage project. The MATI team anticipates Project Desert Host will provide more data on threat operations in MENA, including threat groups, actors and their motivations and targets.
Symantec’s MATI team of intelligence analysts are dedicated to understanding the adversary ecosystem. The team provides insightful reports on adversaries, including their TTPs and attack campaigns. With well-developed research skills, rich foreign language capability and access to the fields where cybercriminals operate, the MATI team produces high fidelity information for organizations that want to strengthen their defense against malicious actors. That is why Symantec’s research on growth in cybercriminal activity in the MENA region is an important effort.
How CISOs and their security operations teams can use this information
The data and additional context that this research provides can help companies to better focus their threat prevention efforts and to improve their risk posture. Among the ways CISOs can leverage this data:
Visit Us at Black Hat USA
Hear more about this research from a MATI analyst at Symantec’s booth (#523) on August 3rd and 4th at the Black Hat Conference.
Learn Even More
The DeepSight MATI team produces intelligence to help organizations improve their security posture. To find out how you can access all of the DeepSight Intelligence research reports, call us at (866) 422-5181 or request a call.
When asked who has inspired and influenced you throughout your life or career, many people can point to a family member, a teacher, or colleague who has had a significant impact on their life. However, how many of us can say we've actually served as a mentor ourselves? Often we forget that the best of what we have to offer others, one of our most impactful ways to give back, lies in what we already know – our skills, experience and expertise.
This is precisely the case with mentoring. Studies show there are numerous benefits to mentees at any level. Mentors provide critical real-world experience and anecdotes on professional life that you just can't glean from a textbook or lecture. Sometimes you have to live it to learn it, and mentors are a resource to access this real-life learning.
Conversely, mentoring offers numerous benefits for the mentor themselves – building leadership and communications skills, gaining new perspectives on their function, company or industry, and providing contentment that they are making a difference in someone's life.
TriplePundit's recent article 'Corporate Mentoring Builds Leaders From Within,' discusses the positive impact mentoring has on both the mentor and mentee.
Mentoring has a tangible value for everyone involved. One of the largest take a ways mentoring can provide are the creative, diverse perspectives gained from the mentee. Mentoring can also increases the confidence of those being mentored as they gain a different perspective on how to deal with issues they face.
Within organizations, mentoring can be a core component of professional development. But organizations can also encourage employees to lend their time and talents to others outside of their own organization. The primary focus of Symantec’s external mentoring efforts focus on empowering and inspiring students in STEM and helping us meet our 2020 goal to excite, engage and educate 1 million students in science, technology, engineering and mathematics (STEM) education. Employees at all levels are helping us achieve this, empowering students and professionals across the world.
Symantec employee, Anna Xie, mentors a group of middle-school girls as they prepare for the Technovation Challenge in Cupertino, CA.
For example, Darren Thomson, Symantec's EMEA CTO, is currently mentoring two female students interested in STEM. The program will last 3-4 years where the girls will gain invaluable experience as they approach their university studies. They will gain real-world work experience and interact with Symantec employees across a variety of functions, as well as receiving guidance from Darren through one-on-one meetings, university tours and the chance to attend key Symantec events. At the same time, Darren is really looking forward to the experience and chance for a fresh perspective on his business and industry, as well as a view into the journey of young students pursuing their passions for STEM.
Additionally, Symantec employees are working as Professional Mentors through TechWomen, a five-week program where future female leaders in STEM from the Middle East and Africa come to work at Symantec and other technology companies. Participants work side-by-side with Symantec mentors, gaining technical and soft skills to take back to their job and share with others. Each year select mentors also choose to visit participant home countries and engage females in STEM through additional mentoring, educational workshops and more.
We thank all of our TechWomen Professional Mentors for giving their time to this impactful program including:
"It’s hard to describe how inspiring it is to witness the learning process and see these young women from remote communities in Africa and the Middle East beam with pride once they’ve ‘got it,’"says Eileen Brewer.
Last year, TIME magazine's article "The Secret to Happiness is Helping Others" highlighted scientific research that proves we are happier when we give back … in the right ways. This includes finding a cause you are passionate about and an opportunity that allows you to leverage your skills and interests.
As the article states, "The key is finding the approach that fits us. When we do, then the more we give, the more we stand to gain purpose, meaning and happiness—all of the things that we look for in life but are so hard to find."
For some, mentoring might just be that perfect fit.
Lora Phillips is Symantec’s Director, Corporate Responsibility
Busco mas información sobre Scan Engine, he instalado un entorno virtual para testearlo pero aun no tengo claro si esta herramienta es la adecuada para lo que necesito. A través de su sdk, necesito escanear archivos desde una app desarrollada en C#.
- Scan Engine necesita que el antivirus este instalado?, no tengo claro si Scan Engine es un cliente para Norton o el en si es un antivirus.
- En caso de que no necesite de Norton, ¿Scan Engine baja actualizaciones periódicamente? o ¿como se mantendría la base de datos de virus actualizada?.
- Instale un servidor microsoft server 2012 r2, en el instale Scan Engine y sobre ese mismo servidor correría la app que consumiría Scan Engine a través del SDK, este entorno seria igual al entorno de producción en caso tal de que la herramienta sea la adecuada, ¿que costo de licenciamiento tendría Scan Engine en este caso?
Les agradezco por su colaboración de antemano.
A government organization or a financial company targeted for attack once is likely to be targeted again at least three more times throughout the year, according to the Symantec 2016 Internet Security Threat Report (ISTR) Vol 21. Cyber criminals are setting their sights on governments and large enterprises. In fact, large businesses that experienced a cyber attack saw an average of 3.6 successful attacks each last year, according to the ISTR Vol 21.
Organizations are battling hard against these cyber threats, monitoring activity from the cloud, to the network edge, to endpoints. Enterprises and governments are generating more security data than ever before.
But they’re also drowning in it.
How do you transform data into timely, actionable intelligence to protect infrastructure, information, and identities? And how do you put intelligence in the right hands so you can take action, while still addressing privacy requirements and other mandates?
Join the 2016 Symantec Government Symposium on August 30, 2016 in Washington D.C. to find out.
More than 1,000 attendees from the public and private sectors will convene at the 2016 Symantec Government Symposium. Five reasons for attending include:
As a leader in cyber security, Symantec is uniquely positioned to provide strategic insights into the rapidly evolving threat landscape. Several Symantec executives and experts will be speaking at the 2016 event and delivering compelling insights:
Nico Popp, Senior Vice President, Information Protection
Rob Potter, Vice President, Americas
Tim Fitzgerald, Chief Security Officer
Kevin Haley, Director of Product Management, Security Response
Kelley Bray, Employee Trust Lead, Global Security Office
Aaron Cohen, Director, Cyber Skills Development, Cyber Security Services Group
Ken Durbin, Unified Security Strategist
Josh Larsen, Director of Product Development, CSS Emerging Technologies
What are you waiting for? Register for the 2016 Symantec Government Symposium event today!
Be sure to check on the following for additional insights:
Symantec finds that Patchwork now targets a variety of industries in the US, China, Japan, South East Asia, and the UK.
The HTML Source Code Viewer app by Sunuba Gaming poses as a development tool then steals pictures and videos from mobile devices.
This article was originally posted on Symantec's Medium publication #iamtech, which explores the experience of minorities and women in tech through engaging personal stories within and outside of Symantec.
Standing before a roomful of Symantec inventors at a recent recognition luncheon, I spotted something that made the event bittersweet.
I’d earned an invitation because I’d filed more than a dozen Invention Disclosure Forms, the first step in patent filing, since joining Symantec in 2013.
Half of the executive team, including the CEO, showed up. Congratulations poured my way. I felt great. The company was telling me, “Hey, you really did a lot.”
The CEO even called me out as being an example: “We’re so excited to have a woman inventor here!” But when I looked around the room at my fellow inventors, I spied only a few other women.
I didn’t want to be the token example of an achieving minority. I’d rather be part of a crowd of them. I sighed as I thought, “We’ve got a lot of work to do.”
Women and other minorities have to raise our profile in the male-dominated tech industry. And one way we can do that is through patents.
Patents say you’re creative, confident and competitive. A patent also celebrates your intellectual achievements.
Male or female, you need a certain amount of chutzpah to file a patent in the first place. When you create a patent, you’re saying, “I have a lot of confidence in this idea; it’s worthwhile; it’s worth protecting.”
For women, patents push back against people’s biases that men are better engineers than women. I’m a scientist so I think data talks — and in volumes. Rather than telling men they should embrace diversity and be more welcoming of women, you can say, “Look, women are doing exactly as much as you guys are.” It’s quantifiable. I think that speaks. It says women create the same value as men and are worth the same money, too.
Encouraging people to invent and come up with new ideas is what Silicon Valley is all about. We want good ideas that we can turn into products and features. While the ideas do need to be genuinely new, they don’t need to be grand schemes like Google’s page-rank algorithm. They can be incremental, like improving an algorithm’s accuracy by half a percentage point or making a piece of code run 3% faster. And the ideas can come from anyone, anywhere.
Aleatha Parker-Wood is a Principal Research Engineer at Symantec. Read more of her story, "The Patent Truth About Women in Tech" on Medium here.
Sunuba Gaming が公開している HTML Source Code Viewer というアプリは、開発ツールに偽装しながら、写真と動画をモバイルデバイスから盗み出します。
Today marks the beginning of a new era in cyber security with the completion of Symantec’s acquisition of Blue Coat. We stand proudly under the Symantec banner with a shared passion to keep the world’s information and our customers safe.
Since announcing the transaction I’ve heard from countless customers, partners and investors who have voiced their support. What they’re telling me is that this combination makes sense because we’re creating a first-of-its-kind portfolio that no one else can match. Only Symantec will have the talent, scale and resources to help customers architect a cyber defense strategy to protect against advanced attacks as their workforce becomes more mobile and moves to the cloud.
As we shift into execution mode of our integration strategy, we are focused on capturing the strengths of both companies to ensure a seamless and efficient transition. While the opportunity ahead for us is vast, to seize it, we must apply rigor, move faster and continue to transform. A big part of my job is to accelerate our ability to bring innovative products to our customers more quickly.
When I think about how cyber security technology will be used to protect the world it is imperative that our industry allows customers to make strategic decisions that are right for them. My vision is that Symantec’s platform will fuel an ecosystem that encourages vendors of all sizes to play a part in tackling our industry’s toughest challenges. Our commitment to an open platform anchors every aspect of our Symantec/Blue Coat integration work.
I am honored to lead Symantec as it enters its next chapter of expanded product innovation and growth. As the largest dedicated cyber security company on the planet, we’re eager to get started and we look forward to defining the future of cyber security with you.
To hear more about our early thinking, watch the above video conversation with Symantec’s Hugh Thompson and myself.