NY Times – A poor craftsman blames his tools

On January 30th, the New York Times published a story about themselves. They were infected with an advanced persistent threat, and had called in Mandiant to clean up the mess. The quote repeated many times on Twitter was: Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which …


SEP12.1.2 Package Export Issue

This week we upgraded the production Symantec Endpoint Protection Manager (SEPM) server to 12.1.2 (aka 12.1 RU2). Unlike previous upgrades on the production server, this one was smooth as silk. Before leaving, we exported the 32-bit workstation client packages and there was no issue with that. The next day my officemate was trying to …


SEP Best Practices for Virtualization

Just last week someone commented on a very old post asking if my problems with virtualization with Symantec Endpoint Protection (SEP) were ever solved. That was addressed in an early maintenance release for SEP11. That was a very specific issue. This week Symantec released an updated Best practices for virtualization with Symantec Endpoint Protection …


Symantec Endpoint Protection 12.1.2 Released

Symantec Endpoint Protection 12.1.2 has been released.  The release notes are available here.   The download is available through Fileconnect.   The same serial number as for 12.1 worked for me. Of primary interest to me is support for Windows 2012, Windows 8 and Apple OS X 10.8 (Mountain Lion). The Client Deployment Wizard can now deploy …


VirusTotal Purchased by Google

In a blog post on Friday, VirusTotal announced they’d been purchased by Google. The post says that “VirusTotal will continue to operate independently, maintaining our partnerships with other antivirus companies and security experts.” VirusTotal is a website where you can upload a file or a URL to be scanned by multiple scanners. Files are currently scanned by over 30 scan …


Symantec Source Code Stolen

Source code for Symantec Endpoint Protection 11 and Symantec Antivirus 10 has been stolen. According to speculation in news reports, the source code had been provided to the Indian government and was compromised from their servers. Security companies often provide source code to be able to sell software in a country. I suppose they are worried about …


Scanning External Drives on Connection

Over on Symantec Connect (the Symantec support forum), I frequently see people ask about the ability to automatically scan a removable drive when it is connected to a system.   They also submit it as an “idea”.   The Idea section is where you can make product suggestions that users can discuss and vote up or down. I …


SEP 12.1 RU1 Released

Symantec Endpoint Protection 12.1 RU1 is out.   The list of fixes and features is here. I upgraded my test server no problem.   That is the server where everything always works out fine. SEP 12.1 RU1 is version 12.1.1000.157.    The previous version was 12.1.671.4971.   So of course when you log into SEPM, click on admin and Client Install …
