Symantec Report on Chemical Industry Phishing

Symantec published a report earlier this week about an attack on the Chemical Industry. They call this attack Nitro. In one example of the attack, an encrypted 7zip file is used. Encryption prevents scanners from examining the contents of the file. Some SMTP gateways block encrypted files by default. Most places find that hurts productivity more than …

More Fun with SEP GUIDs.

After fighting with duplicate hardware IDs in Symantec Endpoint Protection not that long ago, it was surprising to find the problem back again. Were these left over from the original problem, or was this a return engagement? And if it was a problem cropping up again, was it caused by someone forgetting to do the …

SEPM Database Fun

Tuesday morning I received an email no Symantec Endpoint Manager admin wants to receive:

From: [email protected] [mailto:[email protected]]
Sent: Tuesday, September 27, 2011 12:13 AM
To: Roger
Subject: Database is down

Message from:
    Server name: asdfasdf
    Server IP: x.x.x.x
    The Symantec Endpoint Protection Manager database has gone down and needs immediate attention.

I went through …

SEP 12.1 Released

Symantec Endpoint Protection 12.1 was released on July 5th. A post on Symantec Connect says they are deploying the upgrade licenses via snail mail and sending in alphabetical order. To a certain extent, I can sympathize with a desire to not overwhelm support. But I feel that people who participated in the beta program should be given …

Symantec Endpoint Protection 12 Announced

Today Symantec pre-announced Symantec Endpoint Protection 12. You can sign up for the public beta now, although the beta bits are not immediately available. It wasn’t stated whether this beta includes the server install or if it is client only. (update – Good news! Symantec commenter reports beta will be the full install and not client only). The full …

Why Microsoft cannot open Windows Update to third-party developers

This morning I saw a post from Larry Seltzer rehashing the argument that Microsoft should be allowing the deployment of third-party updates via Microsoft Update. (He uses the older term “Windows Update” which is for Windows products only. Microsoft Update is the term for the update server for the broader group of Microsoft products). He argues, there …