- 11/09/16--12:24: Machine Learning: New Frontiers in Advanced Threat Detection
- Static attributes: We start by inspecting thousands of static characteristics of a file – things like file name, function calls, entropy, etc.
- Dynamic behaviors: We then dig deeper to understand a program’s dynamic behaviors. We watch for combinations of thousands of behaviors – for example, does the program connect to the network, does it launch another process, does it access registry keys, etc.
- Relationships and reputation: To complete the picture, we examine the file’s relationships with other files, machines and URLs to generate a file “reputation.” Inspired by “the wisdom of the crowd,” this reputation analysis runs on big data at scale in our cloud, and enables us to understand if a program seen on only one or a few machines around the world is likely malicious.
- 11/09/16--14:40: WEBINAR: The Rise in Ransomware
- Anthony Aragues (VP Product Management, Anomali)
- Alison Ali (Cyber Intelligence Analyst, Symantec)
- 11/09/16--17:03: New BEC Scam Method: First Build Trust With the Victim, Then Request a Wire Transfer
- 11/10/16--06:00: Latest Intelligence for October 2016
- 11/04/16--09:06: Upgrading To SEP 14 – What You Need To Know
- Preparing for a Successful Install
- Downloading SEP 14 and
- The Upgrade Process
- Verify the System Requirements
- Review Best Practices, the security administrator’s #1 resource for migration
- Download Endpoint Protection 14 and start managing 12, 14, Windows, Mac, embedded systems, and virtual machines from a single console.
- Review Release Notes and Systems Requirements
- Be prepared – download the Symantec Help SymDiag diagnostic tool to determine whether the computers meet minimum system requirements. It can also gather data for support-assisted troubleshooting and provide links to other customer self-help and support resources.
- If you are migrating to Windows 10 as well as upgrading Symantec Endpoint Protection from version 12.1.6 or earlier, you must migrate Symantec Endpoint Protection first – learn more
- Symantec recommends that you upgrade the entire network to the current version of Symantec Endpoint Protection, rather than manage multiple versions.
- To generate a list of SEP versions in your environment run a report from the SEPM
- Review Best Practices, the administrator’s #1 resource for your SEP 14 upgrade
- Ensure the proper exclusions have been made to any peripheral firewall or proxy to ensure successful communication with all Symantec servers
- Even trusted web domains may need to be excluded from scans – review all possible scan exclusions for your environment before you upgrade your clients
- Look over the Guide to Endpoint Protection Files on FileConnect before you download
- Read the FAQ for additional information. Customers with a valid support contract can download from FileConnect using their product serial number, which begins with an M.
- Step 1: Create an upgrade plan
- Step 2: Back up and prepare for disaster recovery (critical)
- Step 3: Prepare Symantec Endpoint Protection 11.x managers
- Disable replication
- Disable the "Protect client files and registry keys" Application Control Policy
- Remove client packages assigned to the client groups
- Step 4: Stop the Symantec Endpoint Protection Manager service
- Step 5: Upgrade the Symantec Endpoint Protection Manager
- You install the new version over the existing version. The over install process saves your settings and then upgrades to the latest version.
- Step 6: Upgrade the Symantec Endpoint Protection clients
- You do not need to uninstall previous clients before you install the new version. The over install process saves the client settings and then upgrades the client to the latest version. Note: Clients that are Group Update Providers (GUPs) should be upgraded before other Endpoint Protection clients.
- Read the How-To Article if you need to renew or activate new/additional licenses
- Don’t have a serial number: visit the Symantec Licensing portal or contact Customer Care at 1-800-721-3934.
- If the .zip file fails to execute or the download doesn’t complete, search the Customer Support database or contact Customer Care at 1-800-721-3934 or via email where available.
- If you need help getting started use the Getting Started Guide. Under the Manage tab you can get connected by joining Symantec Connect or educate yourself with hundreds of free on-demand training classes.
- 11/10/16--14:20: 4,000+ Hours Making the World a Better, Safer Place
- 11/10/16--15:42: Chrome 53 Bug Affecting Symantec SSL/TLS Certificates
- 11/10/16--17:19: A New BEC Scam That Has Evolved to Build Trust Before Instructing a Wire Transfer
- 11/10/16--17:50: Latest Intelligence for October 2016
- 11/11/16--11:25: WEBINAR: Effective Patch Strategies for Windows 10 and Office 365
- 11/11/16--15:42: Honoring Those Who Have Served Us - Celebrating Veteran’s Day
- Newsletter and Marketing Email Handling enables customers to manage newsletters and marketing emails separately from spam. This increases user productivity by allowing admins to block, quarantine, or tag newsletters & marketing emails for cleaner, more organized inboxes.
- Email Quarantine Enhancements allow admins to quarantine emails containing confidential or inappropriate content, as well as spam, and newsletters & marketing emails. This includes a new, mobile-optimized quarantine for users in which emails can be released to an admin for further investigation. Detailed reporting provides greater visibility into usage of the quarantine to email admins.
- Automated Malware Alerting sends automatic, post-delivery alerts to customers in case emails containing malware are delivered to end-users. This minimizes exposure to threats by expediting incident detection and remediation.
- Improved Email Reporting accelerates threat investigation and response with improved reporting of attacks that make it easier for security teams to export Indicators of Compromise such as file hashes and view threat intelligence from the Symantec Global Intelligence Network.
- 11/13/16--17:15: Latest Intelligence for October 2016
- 11/15/16--17:42: Symantec Named a Leader in Data Loss Prevention
- Integration of Symantec DLP and CASB to give you complete visibility and control of sensitive data in cloud apps
- Advanced cloud discovery and monitoring for Box, Gmail and Microsoft Office 365 in DLP 14.5
- Expanded endpoint control for a wide range of new apps, file types and operating systems in DLP 14.5
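- 11/15/16--18:23: Upgrading to SEP 14: What You Need to Know
- Download SEP 14
- Download Endpoint Protection 14 and start managing SEP 12, SEP 14, Windows, Mac, embedded systems, and virtual machines from a single console
- Be prepared: download the Symantec Help SymDiag diagnostic tool to determine whether the computers meet the minimum system requirements. The tool can also gather data to help with troubleshooting and provides links to other customer self-help and support resources
- If you are migrating your operating system to Windows 10 and upgrading SEP from version 12.1.6 or earlier, you must migrate SEP first – learn more
- Review Best Practices, the administrator's #1 resource for the SEP 14 upgrade
- Before you download SEP, look over the Guide to Endpoint Protection Files on FileConnect
- Step 2: Back up the relevant data and prepare for disaster recovery (very important)
- Step 3: Prepare the SEP 11.x managers
- Disable the "Protect client files and registry keys" Application Control Policy
- If you need help, see the Getting Started Guide. Under the Manage tab you can join Symantec Connect to get in touch with us, or educate yourself with hundreds of free on-demand training classes.
- 11/15/16--23:40: Upgrading to SEP 14 - Be Sure to Read This
- Download SEP 14
- Download Endpoint Protection 14 and manage 12, 14, Windows, Mac, embedded systems, and virtual machines from a single console.
- Be prepared - download Symantec Help SymDiag. It is a diagnostic tool that lets you check whether your computers meet the minimum system requirements. It can also gather the data needed for troubleshooting, and it provides links to customer self-help and support resources.
- If you are planning to migrate to Windows 10 at the same time as upgrading Symantec Endpoint Protection from version 12.1.6 or earlier, you must migrate Symantec Endpoint Protection first (learn more here).
- We recommend upgrading the entire network to the latest version of Symantec Endpoint Protection rather than managing multiple versions.
- To output a list of the SEP versions used in your environment, run a report from the SEPM.
- Review Best Practices. It is the best resource for administrators to consult when upgrading to SEP 14.
- Even trusted web domains may need to be excluded from scans. Review all possible scan exclusions before you upgrade your clients.
- Before you download, also read the "Guide to Endpoint Protection Files on FileConnect".
- For additional information, read the FAQ. If you have a valid support contract, you can download from FileConnect using your product serial number (which begins with M).
- Step 1: Create an upgrade plan
- Step 2: Create backups and prepare for disaster recovery (required)
- Step 3: Prepare the Symantec Endpoint Protection 11.x managers
- In the Application Control Policy, disable "Protect client files and registry keys".
- Step 4: Stop the Symantec Endpoint Protection Manager service
- Step 5: Upgrade the Symantec Endpoint Protection Manager
- Step 6: Upgrade the Symantec Endpoint Protection clients
- You do not need to uninstall previous clients before installing the new version. The client settings are saved during installation, and the client is then upgraded to the latest version. Note: Clients that are GUPs (Group Update Providers) should be upgraded before the Endpoint Protection clients.
- Don't have a serial number: visit the Symantec Licensing portal or contact Customer Care (1-800-721-3934).
- If the .zip file cannot be executed or the download does not complete, search the Customer Support database or contact Customer Care by phone (1-800-721-3934) or by email.
- If anything is unclear about getting started, see the "Getting Started Guide". Under the [Manage] tab, you can join Symantec Connect or teach yourself with free on-demand training classes.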
- 11/16/16--09:19: Three-Dimensional Data Protection: Access, Visibility, and Control
- Symantec Endpoint Encryption helps prevent breaches by protecting critical data sent by email, as well as with files shared on network drives and in the cloud.
- Second, Symantec’s unified policy controls the flow of information everywhere it goes—in the cloud (with Office 365, Box, Gmail and others), on premise, and with mobile applications. We deliver powerful protection without added complexity.
- Third, Symantec Data Loss Prevention (DLP) integrates with encryption to prevent accidental leaks through user error and secures devices against data loss or theft.
- The fourth area is that Symantec ensures you limit access to only trusted users and devices. Symantec VIP, VIP Access Manager, and Managed PKI Service offer rock-solid access control, reducing the risk and consequences of account takeovers.
- 11/17/16--23:49: Android Malware Targeting Financial Institutions Abuses Whitelist Functionality to Maintain Its Connection to the Attacker's Server
Machine learning is one of the year’s hottest technology trends, driving innovation and making waves across both the enterprise and consumer technology landscape. Within the cybersecurity industry, many companies legitimately claim to do some machine learning, though it’s often not clear what that means, how it works, or even why it is important.
In this post, we’ll share more insight on Symantec’s investments in machine learning – and how that drove important innovations in Symantec Endpoint Protection 14.
Announced last week, the new software uses state-of-the-art machine learning technologies to block more attacks than the competition and significantly raise the bar on attackers. To achieve this, we combine a multi-layered approach with an insane amount of data, advanced algorithms and techniques, and an automation system to stay ahead of the attackers.
The machine learning work was led by our Center for Advanced Machine Learning, which we established in 2014. The team now includes 20+ experts who conduct high-impact R&D in machine learning architectures, algorithms and applications to address security and information management challenges. This includes leading-edge research in deep learning, probabilistic programming, reinforcement learning and Bayesian nonparametrics.
For Symantec Endpoint Protection 14, the group worked with Symantec’s security experts to develop a set of machine learning technologies that work together to examine three major dimensions of attacks. The three dimensions collectively provide a multi-layered threat assessment by analyzing what a file is (static), how it behaves (dynamic) and – via the cloud – what relationships it has with other files, machines and URLs (provenance):
The beauty of these three dimensions is that they are complementary to each other, so each can be aggressive in stopping threats because the other two dimensions serve as a “check” on its conclusions.
Big Data + Predictive Models = Smarter Protection
Big data is at the heart of Symantec’s approach to machine learning. Thanks to our broad footprint across endpoint, network and cloud security, we have threat and attack data from over 175 million endpoints and 57 million attack sensors being monitored in real time every day, minute by minute. That translates into billions of files and nearly four trillion relationships. That’s an enormous and rich dataset to train our classifier systems on “good,” “bad” and everything in between.
That’s important because data is the fuel for machine learning. You want lots of it. The more data you have, the “farther” you can go in building precise and effective detection technologies. You also want rich data. The more diverse and rich the data inputs, the more likely you are to uncover important hidden relationships. Ultimately, machine learning systems are only as good as the quality, diversity and reach of the datasets used to train them – and ours benefit from the world’s largest civilian threat intelligence network.
If data is the fuel, then algorithms are the engine of machine learning. Algorithms take data and produce models that are used to give us predictions, for example determining whether a file is malicious. Companies make a lot of noise about algorithms and models because they are trendy, and new ones appear all the time. The trick is knowing how to match the correct algorithm to the task and data at hand – i.e. the secret sauce for machine learning practitioners.
One of the key techniques we use is “ensembling,” which is a fancy way of saying “use many models and combine them in a good way.” It’s key to getting the best models possible – and was famously used in the $1M Netflix Prize. We add some “magic” through proprietary ensembling techniques that allow our systems to learn how best to combine predictions from many different models, even when we don’t know during training what the correct predictions are.
Another key technique we use is “adaptation.” Our security models must be continually tuned to track adversaries, changes in the software and network landscape and changes in user behavior. These are significant hurdles for traditional machine learning. For Symantec Endpoint Protection, we use a “meta-algorithm” called boosting, which operates by iteratively improving a model – each time focusing on the mistakes the model has previously made and correcting them without “unlearning” the things that were correct.
Last but not least, automation is essential for us to scale machine learning. We built automation for the entire machine learning process – from ingesting, cleaning and processing our telemetry data to optimizing and exploring different models. Without automation (and, of course, sufficient computing power) it simply would not be possible to “crunch all the numbers” and produce the best models.
What’s the end result? Simply put, Symantec has the most advanced machine learning available for endpoint security. A leading independent testing organization (AV-Test) recently tested Symantec Endpoint Protection 14, which beat all our competitors in detection and performance with minimal false positives. Even in artificial “scan” tests, the new software detected nearly 100% of threats at a nearly zero false positive rate. (Importantly, false positive performance in Symantec Endpoint Protection 14 can be tuned to meet customer policy requirements.)
We are excited about the new frontiers in threat detection made possible via machine learning and artificial intelligence. Used correctly, and with massive amounts of rich, diverse data being analyzed across endpoints and the cloud, these technologies are true game-changers in how we can fight attackers.
Please join us December 6 for a special webinar on the features and benefits of machine learning within Symantec Endpoint Protection 14. Learn more about the new product here and watch this space for weekly blog posts that drill into key capabilities with insights from Symantec and third-party experts.
Ransomware attacks are on the rise across the globe – more than 300% according to the FBI – and it’s an issue that is top of mind for companies across the globe.
Register for this live webinar on Wednesday, Nov. 16th to hear experts from DeepSight Intelligence and Anomali, a Symantec Threat Intelligence Platform (TIP) partner. They will discuss how Anomali’s ThreatStream solution combined with DeepSight Intelligence can help your prospects identify and prepare for these attacks.
Date: Wednesday, November 16, 2016
Time: 11:00 am PT/2:00pm ET
Register: Click here to register
Number of new malware variants rises to over 96 million and global spam hits highest rate in nearly a year.
Symantec Endpoint Protection 14 is now available! Take advantage of it to stop threats regardless of how they attack your endpoint, so you can focus on your business. Uniquely tiered protection combines artificial intelligence powered by advanced machine learning and essential technologies to deliver superior protection across all points of attack. The SEP console makes management and integration with existing security infrastructure possible, orchestrating response workflows to quickly stop the threat and the spread of infection and enabling complementary solutions. The lightweight single agent merges multiple next-gen technologies such as exploit prevention and Endpoint Detection and Response (EDR) to reduce endpoint complexity, IT burden, and total cost of ownership, without compromising end-user productivity.
The upgrade to SEP 14 is easy and straightforward. To discuss it I’ll break the process into three stages:
Before we get started let’s look at the possible upgrade paths.
If you are on a Symantec Endpoint Protection Management (SEPM) Console version 12.x or later you can upgrade directly to SEP 14. In the case of SEPM 11 consoles, best practice is to bring up a new SEPM 14 and upgrade clients to SEP 14 from that console. However, if desired you can upgrade to SEPM 12.x first then to 14.
The SEP client, on the other hand, can be upgraded directly from 11.x or 12.x to 14.0.
Ensure the minimum system requirements are met for the platform and that the upgrade can be performed from that version of the client or SEPM before you attempt to upgrade to version 14. For example, for versions of the Mac client earlier than 12.1.4, you must either uninstall those versions or upgrade them first to a client version later than 12.1.4, before attempting the upgrade to 14. SEPM or clients on Windows XP platforms cannot be upgraded to 14 – they are no longer supported. In the case of the SEP 12.x client on Windows XP, the SEPM 14 can manage these computers as legacy 12.x clients.
If you have performed upgrades to SEP in the past the process is as simple as 1, 2, 3 (see the SEP 14 Migration page):
However, if you are new to the upgrade process or simply wish more details then read on…
Preparing for a Successful Install:
Downloading SEP 14:
The Upgrade Process:
Read the Tech Brief for step-by-step upgrade instructions. It is not necessary to uninstall your client software before beginning the upgrade. Be sure to perform your upgrade in the following order: SEPM first, then clients that are Group Update Providers (GUPs), followed by the remaining clients.
It’s important to keep maintenance current. Valid maintenance ensures continuous security protection, so that you are eligible to access critical security updates and other benefits, and to remain compliant. The Manage tab in the Getting Started Guide provides licensing and maintenance information.
From Mountain View to Dubai, Warsaw to Johannesburg, Lindon to Pune, Symantec employees around the globe came together last week to volunteer more than 4,000 hours during Symantec’s first annual Global Service Week. Global Service Week is one of the many ways we empower employees to help us meet our goal of reaching an average of four volunteer hours per employee by the year 2020.
As part of Global Service Week, community relations committees at sites across our global network planned and organized nearly 70 events at 21 Symantec and Blue Coat sites and many departments organized their own teambuilding volunteer projects.
As you can see, the impact has been tremendous. Whether out in the community or volunteering virtually at their desks, teams, business units and employees came together to feed the hungry; prepare students for professional interviews; beautify neighborhood parks, beaches, and schools; teach children and senior citizens how to stay safe online; plant trees; walk rescue dogs; donate blood, and so much more.
Individuals also volunteered on their own, or with family and friends, to benefit the causes most important to them.
Additionally, for every hour volunteers spent, money was donated to non-profits through Symantec’s Dollars for Doers program (providing a cash grant of $15 USD for every hour of volunteer service up to $1,000 per year).
Global Service Week provided opportunities for employees to connect with new organizations and explore various ways to give back year-round. Whether in person or virtually, as a team or individually, Symantec offers numerous ways for employees to carry out Symantec’s mission of making the world a better place; for example, through Dollars for Doers, Matching Grants, Nonprofit Board Service programs, as well as our newly launched Symantec Service Time (SST), introduced in July. Through SST every Symantec employee is given five full working days—with pay—to volunteer, or to serve on a community relations committee, Employee Resource Group (ERG), or Green Team. SST hours are also eligible for Symantec’s Dollars for Doers grants.
Coming together as one company to volunteer benefits our communities, our employees and our company. Employees who volunteer report improved time management, team building, networking, and professional skills. They feel better— physically, mentally and emotionally—manage their stress better, and feel a stronger connection to their communities and their employer.
“Global Service Week was a fantastic opportunity for employees around the world to come together with old friends and new, at a time when Symantec and Blue Coat are coming together as one company,” said Cecily Joseph, VP Corporate Responsibility.
“Symantec is committed to empowering employees to volunteer and we hope that this is just the beginning.”
Volunteers in Cape Town, South Africa supported Clean C during Global Service Week 2016.
Students received health kits and presentation from Symantec employees in Chennai, India.
Mountain View, CA employees spent a day building and decorating playhouses for Habitat for Humanity Silicon Valley.
Employees in Reading, UK help to clear Beale Park for future visitors.
We’ve been made aware of a bug in Chrome version 53 that affects some Symantec, GeoTrust, and Thawte SSL/TLS certificates resulting in an error display when visiting affected websites. There are no issues with the affected certificates and websites, and replacing these certificates will not help. Symantec is a strong supporter of Google Chrome and its Certificate Transparency (CT) policies. This is entirely a bug with Certificate Transparency handling that is only present in Chrome 53.
The recommended solution is to upgrade to Chrome 54 while Google is working on a patch to resolve this issue. Other browsers (i.e., Safari, Microsoft IE, Edge, Firefox, etc.) are unaffected by this bug.
WEBINAR: Effective Patch Strategies for Windows 10 and Office 365
TIME: 9:00 AM (PST) / 12:00 PM (EST)
SPEAKER: Damon Covey, Director of Regional Product Management
Microsoft has made significant changes in how they provide updates to Windows 10 and Office 365. These changes have caused confusion and additional complexity for many enterprises.
Please join us for this special webcast to gain a better understanding of what these changes are and how new features in IT Management Suite can help simplify using Windows 10 and Office 365.
Webinar On-Demand: Upgrading to Symantec Endpoint Protection 14: What you Need to Know
Find out why upgrading to SEP 14 is both smart and easy.
Learn what you should do to get started and where to go to find detailed instructions and help if you need it.
Today people across the United States celebrate Veterans Day, honoring those who have served the country’s military, as well as the families who have supported them. In the US alone, there are 18.8 million veterans and 1.6 million female veterans, and over 400K businesses in the US are majority-owned by veterans.
At Symantec, we thank all military veterans and their families across the world for their service. We are happy today to highlight and honor people and programs across Symantec making a difference for veterans.
VETS Ambassadors at Symantec
At Symantec, our five employee resource groups (ERGs), including our Veteran Employees and Troop Support (VETS) group, play an important role in delivering on our diversity and inclusion strategies and help to foster innovation and support the growth of Symantec’s business. They help to build cultural awareness and a sense of belonging for our employees. Additionally, they serve as ambassadors to the broader community, volunteering and advocating on issues.
"Today and every day we have deep gratitude for all who have sacrificed to serve their countries. I am proud to lead our VETS employee resource group where Veterans across the world can come together to help each other and their colleagues excel at Symantec and continue to make our world a safer place."
– Tim Fitzgerald, Symantec Chief Security Officer and VETS ERG Executive Sponsor
If you are a veteran currently working at Symantec please email firstname.lastname@example.org to learn more about joining the VETS ERG leadership team.
Supporting Homeless Veterans in Downtown Boston
As part of Global Service Week, the Symantec Cambridge office sponsored and served a lunch at The New England Center for Homeless Veterans (NECHV), a national leader in housing. Located in Downtown Boston, NECHV supports Veterans with innovative services that enable success, meaningful employment, and dignified independent living.
Symantec sponsored the lunch service for over 80 veterans and employees helped serve the lunch on site. While on site, they also got a tour of the facility and had a chance to learn more about the mission, as well as the people who come there.
The feedback from the veterans and from our employees was overwhelmingly positive – the veterans were extremely appreciative of the lunch and employees were happy to give back to such a worthwhile cause.
“I am very grateful for the opportunity to have volunteered at the New England Center and Home for Veterans (NECHV). As I served food that Symantec donated, I witnessed the deep need among veterans in our community. Based on that experience, I plan to volunteer more with my family at NECHV, recognizing the value that these veterans contributed to me personally and to our nation,” said one Cambridge employee.
Others echoed those comments, sharing that “The folks at NECHV were so appreciative of us coming to help. Seeing the smiles on everyone’s faces, and how excited they were to tell us about what they have been working on, really made us want to come back.”
Symantec employees volunteer to serve lunch at The New England Center for Homeless Veterans in downtown Boston.
Symantec’s SC3 Helps Veterans Build Skills and Find Long-Term Careers
Additionally, our signature CSR program the Symantec Cyber Career Connection (SC3) provides a pathway for veterans to enter the cyber security field through targeted education, training and certifications that position them to fill in-demand cyber security jobs and enter long-term careers. To date, 24 of our SC3 graduates are veterans.
Inspiring Veterans at Symantec
Symantec’s Jackie Duncan recently wrote a piece on our #iamtech publication, “You Don’t Have to Be a Techie to Work in Tech”. The piece explores Jackie’s experience from joining the Royal Air Force and becoming one of the first female Chinook helicopter pilots to her current role in EMEA sales operations at Symantec.
“While the military, railway and Symantec carry out different missions, they each focus on safety and security. And each runs like any organization, with people, systems and processes. If the organization has a purpose that fits you, and you can wrap your head around how it works, it won’t matter what industry you’re in. You’ll see your skills are transferrable.
Choosing a career is about understanding your skills, how you tick and finding a company that shares your values.”
We wish all Veterans in the US a happy Veterans Day and thank veterans across Symantec and the world for their service and contributions to keeping our world safe.
Spear phishing emails have been all over the news lately – from attackers wreaking havoc on the U.S. Presidential Election by leaking confidential emails found through targeted spear phishing attacks, to hackers using crafted emails to expose the personal data of 13,000 patients.
These threats, which use social engineering to trick individuals into clicking on malicious links or downloading malware sent through email, have gained traction as the ubiquity of email and the widespread adoption of traditional email security solutions have caused threats to evolve beyond basic spam and phishing threats in order to infiltrate organizations.
Today, spear phishing attacks target specific individuals in organizations and leverage complex techniques such as obfuscation of links or hiding malware in innocuous-looking documents to evade detection. For example, the spear phishing attack used to hack the Gmail account of John Podesta, chairman of the 2016 Hillary Clinton campaign, compromised his email account by spoofing a Google password reset notification and by using a shortened URL to make a malicious link look authentic.
How Can Organizations Stop Spear Phishing Attacks?
As the market leader in email security, Symantec recognizes that a proactive approach to security that blocks both new and known attacks is needed to combat spear phishing, since these threats are becoming more sophisticated and continuously evolving, with new attacks emerging each day.
In addition, organizations need a way to stop attacks that use smokescreen techniques such as obfuscating a link or weaponizing a link after an email is delivered. When combined with social engineering, these techniques make spear phishing attacks very difficult to prevent. For instance, a recent study found that 56% of individuals click on links in emails from unknown senders!
Symantec addresses these challenges today with strong URL protection through existing Real-Time Link Following capabilities in Symantec Email Security, which blocks malicious links used in spear phishing attacks before an email is delivered. We’ve been working hard to make this protection even better to deliver the most comprehensive URL protection in the email security market by adding new Click-Time URL Protection capabilities in the latest release of Symantec Email Security, which protects all mailboxes – whether they’re in the cloud, hosted, or on-premise! This technology blocks spear phishing attacks that contain malicious links by analyzing them when they are clicked by end-users and stopping links that are harmful.
How Does Click-Time URL Protection Work?
Click-Time URL Protection evaluates links in real-time when users click on them to ensure they don’t contain any malicious content. Links that contain malicious content are blocked while links that are safe proceed to their final destination link. This protects against spear phishing attacks that weaponize a link after an email is delivered by ensuring that links don’t become malicious after email delivery.
Both Real-Time Link Following and Click-Time URL Protection use the same approach to stop spear phishing attacks by performing deep evaluation of links in real-time, whether the link is in the body of an email or inside an attachment.
Links are tracked to their final destination, even when attackers use sophisticated techniques such as multiple redirects, shortened URLs, hijacked URLs, and time-based delays to bypass detection. Any files found at the destination URL are downloaded and deep heuristic analysis is performed to determine whether they are malware. This deep link evaluation blocks both new and targeted spear phishing attacks that contain malicious links for the most effective protection against spear phishing attacks.
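The following is an added sketch, not Symantec's code, of why a link is evaluated again at click time: the same shortened URL is followed hop by hop to its final destination at delivery and again at click, and the verdict changes once the landing page has been swapped. The redirect table, the `.example` hosts, the hop limit and the fail-closed policy for loops and unknown destinations are all assumptions constructed for the illustration.

```python
from urllib.parse import urlsplit

MAX_HOPS = 10  # assumed cap on redirect depth, not a product setting

# Constructed sample data: how each URL answers when the email is delivered.
# ("redirect", target) or ("content", label); the label stands in for the
# result of analysing whatever is found at the destination.
DELIVERY_TIME = {
    "http://short.example/a1": ("redirect", "http://hop.example/r?id=7"),
    "http://hop.example/r?id=7": ("redirect", "http://landing.example/doc"),
    "http://landing.example/doc": ("content", "benign"),
    "http://loop.example/x": ("redirect", "http://loop.example/x"),
}
# The same URLs when the user clicks: the landing page was swapped after delivery.
CLICK_TIME = dict(DELIVERY_TIME)
CLICK_TIME["http://landing.example/doc"] = ("content", "malicious")


def follow(url, web, max_hops=MAX_HOPS):
    """Follow redirects in `web`; return (chain, final label)."""
    chain, seen = [url], {url}
    for _ in range(max_hops):
        kind, value = web.get(url, ("content", "unknown"))
        if kind != "redirect":
            return chain, value
        url = value
        chain.append(url)
        if url in seen:          # redirect loop: stop, caller fails closed
            return chain, "loop"
        seen.add(url)
    return chain, "too_many_hops"


def verdict(url, web):
    """Allow only when the chain resolves to a destination judged benign."""
    if urlsplit(url).scheme not in ("http", "https"):
        return "block", [url]
    chain, final = follow(url, web)
    return ("allow" if final == "benign" else "block"), chain


if __name__ == "__main__":
    link = "http://short.example/a1"
    print("delivery:", verdict(link, DELIVERY_TIME))
    print("click:   ", verdict(link, CLICK_TIME))
```

A delivery-time check alone would have passed this link; only the second evaluation at click time sees the changed destination.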
Protect Against Complex Spear Phishing Attacks
Moreover, these technologies work with advanced heuristic capabilities in Symantec Email Security, which can identify spear phishing attacks that deploy even the most obfuscated malware. This functionality employs heuristic technologies to determine if an email contains any components of malicious code. For example, it can identify a malicious link hidden in a document, even if that document is inside another file such as a ZIP file! Skeptic works with Real-Time Link Following and Click-Time URL Protection capabilities to sniff out spear phishing attacks that leverage complex techniques used to evade detection by traditional email security solutions.
At Symantec, we’re continuously evolving and improving our solution, which blocks new and advanced email threats with the highest effectiveness and accuracy, to help you stay ahead of the latest threats, including the latest spear phishing attacks. The latest release of Symantec Email Security includes several other new capabilities and enhancements such as:
To learn more about the Symantec Email Security solution, please visit the Symantec Email Security.cloud website today!
New malware variants surged to 96 million, and the global spam volume also reached its highest level in the past year.
We’re excited to announce that Symantec has been recognized as a Leader in The Forrester Wave™: Data Loss Prevention Suites, Q4 2016, and was top-ranked across all three high-level categories: Current Offering, Strategy, and Market Presence.
What’s most striking to us about this year’s report is how dramatically the DLP vendor landscape has changed in the past six years. We believe that Symantec has been able to stay ahead of the pack thanks to the world’s largest team of R&D experts working on the next generation of DLP technology.
Continued innovation in data loss prevention
“Symantec continues to innovate in this space and has strong brand recognition in the DLP market.” -- The Forrester Wave™: Data Loss Prevention Suites, Q4 2016
We believe our scores in the report recognize Symantec’s ability to deliver the best DLP solution for security and risk (S&R) pros today. During the past six months alone, we’ve released a number of major innovations designed to eliminate security blind spots, including:
The most complete data loss prevention suite
“Symantec provides a comprehensive DLP suite with robust capabilities for intellectual property protection, information management, incident management, and encryption support.” -- The Forrester Wave™: Data Loss Prevention Suites, Q4 2016
Symantec Data Loss Prevention earned the highest scores possible across twenty-three criteria, including the three key differentiating criteria that go beyond traditional DLP:
5 out of 5 in Intellectual Property Protection
5 out of 5 in Information Management
5 out of 5 in Endpoint Visibility and Control
Read the full report
To learn more about the changing DLP market and how Symantec scored across all categories, read The Forrester Wave™: Data Loss Prevention Suites, Q4 2016, here.
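Symantec Endpoint Protection (SEP) 14 is now available! SEP 14 stops malware from attacking endpoint devices however it attacks, so you can focus fully on your work. Its unique multi-layered protection combines artificial intelligence, built on advanced machine learning and other essential technologies, to defend effectively against attacks from all points. The SEP console makes it possible to manage and integrate your existing security infrastructure. The console orchestrates response workflows, quickly stops threats and infections from spreading, and enables the corresponding free solutions. This lightweight software combines multiple next-generation technologies, such as exploit prevention and endpoint detection and response (EDR), reducing endpoint complexity, IT burden, and total cost of ownership without compromising end-user productivity.
If your Symantec Endpoint Protection Manager (SEPM) console is at version 12.x or later, you can upgrade directly to SEP 14. If you have a SEPM 11 console, it is best to install a new SEP 14 manager and then upgrade clients to SEP 14 from that console. If necessary, however, you can also upgrade to SEPM 12.x first and then upgrade to SEP 14.
The Windows XP platform does not support SEP 14, so neither the SEP manager nor the client programs on that platform can be upgraded to SEP 14. For SEP 12.x clients on Windows XP, SEPM 14 can only manage those computers as legacy 12.x clients.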
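Symantec Endpoint Protection 14 is now available. Put it to good use to stop threats to your endpoints regardless of how they attack, so you can focus on your business. By combining artificial intelligence, powered by advanced machine learning and essential technologies, with unique multi-layered protection, it delivers superior protection at every point of attack. The SEP console also lets you manage and integrate your existing security infrastructure, so you can orchestrate response workflows freely, quickly stop threats and infections from spreading, and deliver a comprehensive solution. Several next-generation technologies, such as exploit prevention and endpoint detection and response (EDR), are fused into a lightweight single agent, which reduces endpoint complexity and the burden on IT staff and lowers total cost of ownership. And of course, it does not hurt end-user productivity.
Upgrading to SEP 14 is straightforward. To make it easy to follow, we break it into the following three stages.
If you currently use a Symantec Endpoint Protection Management (SEPM) console at version 12.x or later, you can upgrade directly to SEP 14. If your SEPM console is at version 11.x, the recommended procedure is to deploy a new SEPM 14 and then upgrade clients to SEP 14 from that console. If necessary, however, you can also upgrade to SEPM 12.x first and then upgrade to 14.
SEP clients, on the other hand, can be upgraded directly to 14.0 from either 11.x or 12.x.
Before upgrading to version 14, be sure to confirm that the platform's minimum system requirements are met and that the upgrade can be performed from the current version of the client or SEPM. For example, if a Mac client is at version 12.1.4 or earlier, you must first upgrade the client to version 12.1.4 or later before upgrading to version 14.
If you run SEPM or the client on the Windows XP platform, you cannot upgrade to 14. Windows XP is no longer supported. If you run SEP 12.x clients on Windows XP, SEPM 14 can continue to manage them as legacy 12.x clients.
If you have performed a SEP upgrade before, the process is very simple: just steps 1, 2, and 3 below (see the page on migrating to SEP 14).
Download SEP 14:
For step-by-step upgrade instructions, read the Tech Brief. You do not need to uninstall your client software before starting the upgrade. Always perform the upgrade in the following order: first SEPM, then the clients that are GUPs (Group Update Providers), and finally the remaining clients.
It is essential to keep your maintenance current at all times. With active maintenance, your security protection continues, which brings a range of benefits such as access to critical security updates, and you remain in compliance. The "Manage" tab of the "Getting Started Guide" contains information on licensing and maintenance.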
Knowledge is power. Whether it’s your proprietary data, customer insights, or strategic plans, data is valuable and needs protection. The problem is large. In 2015, half a billion personal records were stolen or lost, according to the Symantec 2016 Internet Security Threat Report Vol. 21 (ISTR).
What’s behind this risk? Our research shows both internal and external threats. Criminals have found that they can obtain your data by breaking into your systems or by targeting your staff who might be softer targets. If your staff use simple or default passwords, over-share data, or don’t follow security measures (such as removing redundant files from cloud services), they put your data at risk. And malicious insiders, such as disgruntled employees, may try to steal sensitive corporate data to further their career or to sabotage your company.
Data protection is not just about data loss prevention; it’s also about protection and access control. The key questions are how to allow open access to everyone while still ensuring sensitive data is properly controlled, and how to do this correctly.
Symantec Information Protection
The objective is not to contain data, but instead to put in place the right visibility, controls, and policies to ensure that data is useful and not over-exposed. There’s also the people element. Encouraging the right behavior is better for employee trust and security. Consider a member of your team who attaches a document to an email. If they accidentally attach the wrong file in their haste, it can lead to embarrassment at best, or to a PR disaster or worse. Ideally, you would want to intercept this email before it leaves the organization, but if this isn’t carefully managed you can block emails that you didn’t mean to. A better approach is to empower your staff. A well-timed alert could inform your staff member that the attachment contains sensitive data and give them an opportunity to correct any mistake. This approach allows your staff to make the right decision in what might be complex circumstances, which both plays to their strengths and reinforces and builds a strong security culture.
Symantec Information Protection helps you identify critical data across all your files and emails using automated discovery and context-based classification. With Symantec, risk is reduced by ensuring you limit access to the right people. You limit the risk of data getting into the wrong hands by managing how it’s stored and the protection that surrounds it. You can easily apply policies to control access and usage, whether in the cloud, on mobile devices, or on the network, and protect and control data by establishing policies that apply across your entire network via a single point.
Symantec VIP, VIP Access Manager, and Data Loss Prevention all work together to create an information protection platform. Symantec Information Protection covers three areas: Access, Visibility, and Control.
“Where are my data risks?”
To protect data, you first need to find it, classify it, and then ensure that it’s properly managed. The challenge here is identifying the highest risks to your data. With data volumes exploding (a five-fold increase in data is predicted between 2015 and 2020), and data formats becoming less structured (photographs of forms or whiteboards), the challenges will only grow.
Symantec Information Protection helps you discover where your sensitive data is stored across your infrastructure. You’ll be able to monitor and protect sensitive data on mobile devices, on-premises, and in the cloud. And it’s all done through a unified policy framework to define data loss policies and to help you review and remediate incidents.
“Who is accessing my data?”
Passwords are the de facto standard, but bitter experience teaches us that too many users are inundated with them, resulting in the use of weak passwords, passwords being reused or even written down when they are too hard to remember. A recent study entitled Cyber Security Flaws in Working Practices discovered that 21 percent of workers write down their passwords. In another study, sixty-three percent of confirmed data breaches involved weak, default, or stolen passwords, according to the Verizon 2016 Data Breach Investigations Report. You need to strike the right balance—making it easy for the end-user to access systems while ensuring security without relying on written-down notes.
Poor password hygiene makes accounts vulnerable to takeover attacks. These attacks can be eliminated with the use of single sign-on and multi-factor authentication technologies, such as Symantec VIP and VIP Access Manager. Symantec Managed PKI service also provides simple-to-manage device certificates, enabling secure access from any device, anywhere, to any apps your users need. Symantec increases security because VIP password-less fingerprint authentication makes accessing all approved applications simple, without the user needing to remember multiple passwords for multiple applications. This enables your organization to determine what applications show up as an option for the user based on their role.
“How do I better protect my data?”
Data breaches have almost become a weekly, if not daily, occurrence. According to the ISTR, the number of publicly disclosed data breaches has risen steadily over the last number of years to reach 318 in 2015. What about stolen laptops or USB thumb drives and data breaches? Breaches caused by stolen or lost devices are real threats organizations face. In fact, this type of data breach makes up 45 percent of healthcare industry data breaches, according to the Verizon 2015 Data Breach Investigation Report. And the cost? The Ponemon Institute found that the average consolidated total cost of a data breach grew from $3.8 million to $4 million last year, but of course this is highly variable, with costs escalating significantly depending on the scope, scale, and nature of the breach.
Fortunately, you can take some measures to help protect your organization from data breaches. Symantec offers four broad ways to help.
In upcoming posts of this series, we'll take a closer look at specific features of Information Protection.
New Android.Fakebank.B variants use social engineering to bypass a battery-saving process and stay active in the background.