Belt and Suspenders

CounterSpy end of life occurred on June 1st.   I saw a post from someone whose company runs both a commercial antivirus product and CounterSpy.   They were wondering what secondary product they could replace it with.   I’m having flashbacks to 2007. In the mid-part of last decade mainstream antivirus products were slow to adjust to the …

Continue reading ‘Belt and Suspenders’ »

SEP 11.0.6

Symantec Endpoint Protection 11.0.6 is available on fileconnect. The release notes are here. Release Highlights •”Symantec Protection Center v1.0″ introduces a centralized management console with single sign-on to integrated Symantec applications including Endpoint Protection, Brightmail Gateway, Data Loss Prevention, Web Gateway, Critical System Protection, and IT Analytics •”SEP Manager Web Console” delivers web-based access to …

Continue reading ‘SEP 11.0.6’ »

VanMorrison.com Iframe

Saw a virus alert today. A user performed an AOL Search (that alone should be banned in our end user behavior policy) on “van morrison” (another termination offense). He/She clicked on a link for www.vanmorrison.com. The antivirus detected an iframe attack. Manually looking at www.vanmorrison.com’s source, I currently see a iframe loading ‘http://iqsp.ru:8080/index.php’. Perhaps someone …

Continue reading ‘VanMorrison.com Iframe’ »

Firefox to Suggest Flash Updates

Firefox recently announced that a soon to be released version will check for Flash updates in addition to updating Firefox. That should be helpful for end users. As with any news people of course have their own axe to grind and put their own spin on things. Wolfgang Kandek writes about this development in a …

Continue reading ‘Firefox to Suggest Flash Updates’ »

MessageLabs HTTP Security Webcast

I watched a MessageLabs HTTP Security Webcast earlier today. I have evaled their product both when they were reselling Scansafe and once since they implemented their own solution. As anyone reading this site already knows, there was a big uptick in malware served by legitimate sites at the end of 2008. SQL injection and other …

Continue reading ‘MessageLabs HTTP Security Webcast’ »

Article:Flash Ads launch clipboard hijack

Link We all know that malicious ads can be hosted by legit sites. Generally being fully patched (including third party apps) is a good protection against most attacks other than social engineering. Ryan Naraine of The Zero Day Blog over at ZDNet reports that malicious Adobe Flash ads are being used to hijack the clipboard …

Continue reading ‘Article:Flash Ads launch clipboard hijack’ »

Sophos Endpoint Security Eval Thoughts

This week I began a evaluation of Sophos Endpoint security. (why do I get the feeling all over the country sales guys just perked up and began repeating “sales lead” to themselves). Currently we’re using Symantec Antivirus 10. I’m looking to consolidate antivirus, antispyware and the personal firewall into one product. We also want more …

Continue reading ‘Sophos Endpoint Security Eval Thoughts’ »

Fighting Back Against Identity Theft

In February, Postmaster General John Potter sent a letter presumably to all addresses and enclosed a Identity Theft brochure from the Federal Trade Commission (FTC) The Postmaster General’s letter reported that according to a FTC survey only 2% of all identity theft victims believed the theft of their identity was related to mail. Even so …

Continue reading ‘Fighting Back Against Identity Theft’ »

Symantec Endpoint Security 11

Yesterday, I attended a webinar on Symantec Endpoint Security 11. It should be available for ondemand replay at some point on at symantec.com. A lot of people including myself have been very negative about the Symantec product, virus detection rates, and product support. I’m actually starting to believe that Symantec is turning things around. Yes, …

Continue reading ‘Symantec Endpoint Security 11’ »