Written by jj
Sunday, February 12th, 2012
Are you looking for the best BYOD content at the 2012 RSA Conference? If so, here’s a list of events and sessions to add to your agenda.
Posts Tagged ‘symantec’
Jul
22/09
22/09
Adobe PDF Exploit in the Wild > Aggregated Data
Last Updated on Wednesday, 22 July 2009 03:27
Written by jj
Wednesday, July 22nd, 2009
Written by jj
Wednesday, July 22nd, 2009
There’s a new PDF exploit active and in the wild just identified by Symantec’s Security Response team. I don’t have any additional magic insight or recommendations for this, but I wanted to help spread the word and provide some links to additional resources.
Quick Vulnerability Overview
- Process happens when a malicious PDF is downloaded and drops payload of malware locally on the computer.
- Vulnerability in Flash (which is embedded in browsers, PDF and other applications) and here is exploited by a malicious PDF file.
- Protection by updating your antivirus software and verifying they are protecting from this exploit.
- Malicious PDFs are detected as Trojan.Pidief.G and the dropped files as Trojan Horse.
- Operating systems current version exploits Windows XP and Vista (if UAC is not enabled).
- Any software that uses Flash is potentially vulnerable to this issue.
Symantec’s Recommendation Overview
We (Symantec) are in contact with the Adobe PSIRT team in relation to this issue. We urge our customers to ensure their antivirus definitions are up to date. Like the vulnerability Dowd discovered, it’s likely that we will see many attacks over the coming months that will attempt to exploit this vulnerability. As always, keep an eye out for the official patch from Adobe and ensure all products are up to date. As an extra safety measure, Vista users should avail of the UAC (User Account Control) feature as this will help mitigate a successful compromise.
Original Vulnerability info from Symantec
http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability
More on why Flash exploits are important
http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/
Tags: Adobe, Flash, PDF, symantec, vulnerability | Posted under Random-izations | 
No Comments
No Comments
Jul
23/08
23/08
Coming Up: NAC Sauces & 1X Vulnerabilities
Last Updated on Saturday, 28 January 2012 06:52
Written by JJ
Wednesday, July 23rd, 2008
Written by JJ
Wednesday, July 23rd, 2008
Per requests, and as part of the ‘ask JJ’ responses, I’ve been working on a couple of blog post series for you.
I’m juggling blog-moving with blog-posting and trying to find the happy medium. Coming soon though, are two NAC/1X series I hope you’ll enjoy… (more…)
Tags: 802.1X vulnerabilities, Cisco, Mirage, nac, Napera, ProCurve, StillSecure, symantec | Posted under Industry Insider, NAC & 802.1X | No Comments
No Comments
Jun
30/08
30/08
Symantec’s Network-Based NAC
Last Updated on Saturday, 28 January 2012 06:54
Written by JJ
Monday, June 30th, 2008
Written by JJ
Monday, June 30th, 2008
Yes, you read it right- Symantec (as in the software vendor) has a network-based (as in the hardware) NAC. Once you get over the title, keep reading.
If you read my blog, or know me, you probably know I do NOT like software (and it usually doesn’t like me). So, I’d be the first to jump on the ‘anti-software-peer-based-NAC’ train, but I think we have to be informed before we jump to conclusions and hop on any trains. (more…)
Tags: nac, peer-based nac, security, symantec | Posted under Industry Insider, NAC & 802.1X | 2 Comments
2 Comments
Jun
20/08
20/08
Security Circumvented: My Anti-Virus
Last Updated on Monday, 21 July 2008 11:40
Written by JJ
Friday, June 20th, 2008
Written by JJ
Friday, June 20th, 2008
I recently needed to renew the anti-virus subscription on my tablet PC. Of course, Symantec popped up and let me know well in advance, and of course, I waited until the almost-last-day before I renewed.
When my renewal options appeared, there was a selection to upgrade to the shiny new Norton 360. Woo hoo! It listed all these great new security features… I don’t remember what they were… but, they sounded REALLY great (I promise).
So I went with the upgrade, instead of the anti-virus signature renewal. Okay.
It did seem like a good idea at the time. However, in addition to my overly-protective Vista popups eeeevvvvery time I want to run something, connect somewhere, or wipe my nose… Now, I have the Vista pop up AND the Norton 360 popup. Okay.
Except, the Norton pops up with flagrantly ambiguous information like “An application is trying to access your Internet.” Do I want to allow it? I don’t know. How am I supposed to know- which application wants to access my Internet? Oh, it’s not going to tell me. Okay.
Well, I guess I’ll click ‘Allow’ because I have no clue what is trying to access my Internet, but I’ll assume it’s something that I have somehow asked to access my Internet… and I’ll be quite upset if whatever I clicked on doesn’t work. So YES, ALLOW. Okay again.
And what was the point in that? One click has transformed to three, and I’m no more secure than I was before, I’m just being forced to make more clicks to earn my insecurity. So today I am the poster child of what NOT to do.
Security circumvented is quite possibly worse than no security at all. I see visions of ‘invalid browser certificate’ notices dancing in my head.
# # #
Tags: anti-virus, firewall, security, symantec | Posted under Random-izations | 3 Comments
3 Comments
