Articles about Symantec

Silhouette of spy discerning password from code uses a command on graphic user interface

Zero day hole can pwn millions of LastPass users, all that's needed is a malicious site

A dangerous zero-day vulnerability has been found in popular cloud password vault LastPass, which The Register has been told can completely compromise user accounts. Many millions of users can right now be compromised by merely visiting a malicious website, we understand. This allows attackers complete access to user accounts …
Darren Pauli, 27 Jul 2016
Slices of madeira cake

CMO finds new berth at F5

F5 Networks has recruited an ex-Veritas CMO to be its own chief marketing officer. Ben Gibson became Veritas CMO in June last year, joining from a CMO position at Aruba Networks in January 2011. Gibson will be responsible for overseeing the company’s global marketing strategy as F5 further expands into the growth areas of …
Chris Mellor, 26 Jul 2016
a HUSKY DOG DIGS A HOLE ON THE BEACH. pHOTO BY shUTTERSTOCK

Tinder porn scam: Swipe right for NOOOOOO I paid for what?

Crooks on Tinder are using online safety as a lure to trick users into unwittingly paying for adult content. Automated spam bots masquerading as Tinder users are supposedly tricking other users of the mobile dating app into visiting a malicious third-party website to “verify their profiles”. “The spam bots instruct the user …
John Leyden, 25 Jul 2016
udp_7000_648

Data protection biz Arcserve fattens exec ranks with 3 new veeps

CA spinout and private equity-owned Arcserve is growing revenues at double digits, and has hired four new execs to sharpen its finance side, spin out more and better products and keep its channel business growing. Oussama El-Hilali becomes VP of Products, responsible for managing research and development, product strategy and …
Chris Mellor, 25 Jul 2016
Symantec director government affairs Brian Fletcher (left) with Microsoft assistant general counsel Cristin Goodwin. Image: Darren Pauli, The Register.

Microsoft and pals re-write arms control pact to save infosec industry

Microsoft and a team of concerned engineers from across the security sector have joined forces to suggest a major re-write of the arms control pact the Wassenaar Arrangement, as they fear the document's terms are a threat tot he information security industry. The pitch is the result of brainstorming by the group to redefine …
Darren Pauli, 21 Jul 2016

Everyone's favorite infosec biz – Blue Coat – must cough up $40m to rival in patent rip-off row

Blue Coat has lost its appeal challenging a nearly $40m patent infringement lawsuit brought by rival security company Finjan. The California Northern District Court upheld the 2015 jury decision awarding $39,528,487 to Finjan for infringement by Blue Coat on five of its patents: 6,804,780 identifying downloadable files 6, …
Shaun Nichols, 20 Jul 2016

Flaws found in security products from AVG, Symantec and McAfee

Updated Hundreds of security products may not be up to the job, researchers say, thanks to flawed uses of code hooking. The research is the handiwork of EnSilo duo Udi Yavo and Tommer Bitton, who disclosed the bugs in anti-virus and Windows security tools ahead of their presentation at the Black Hat Las Vegas conference next month. …
Darren Pauli, 20 Jul 2016

Carbon Black snaps up cloud-dwelling threat-sniffing 'next-gen AV'

Endpoint security firm Carbon Black has bought "next-generation antivirus" firm Confer. Financial terms of the deal, announced today, were undisclosed. Carbon Black plans to re-badge Confer’s security software as “Cb Defense” and offer it alongside its existing roster of application control, incident response, and threat …
John Leyden, 19 Jul 2016
Bank vault

BAE Systems partners with SWIFT to bolster hacker intel

BAE Systems has been recruited to help SWIFT's newly formed Customer Service Intelligence team in a bid to get ahead of cyber-criminals targeting banks connected to the global financial messaging service. The announcement follows the analysis and identification of malware that BAE Systems’ threat intelligence team was able to …
John Leyden, 15 Jul 2016
CHILE -FEBRUARY 6: Moais in Rapa Nui National Park on the slopes of Rano Raruku volcano on Easter Island, Chile. Photo by Shutterstock

The History Boys: Object storage ... from the beginning

Backgrounder This is a terrific object storage history map from Silicon Valley object storage guy Philippe Nicolas*, who has put together a spreadsheet detailing the history of content-addressable storage (CAS**) – otherwise generally known as object storage. I have heard so many odd things about suppliers and technologies in this market …
Man reading newspaper with glasses on his head

Android malware blocks bank calls

Cybercrooks have put together a fake banking application that blocks victims’ outgoing calls to customer service. The Fakebank trojan blocks calls in order to stop victims from cancelling their stolen payment cards. The Android nasty is automatically programmed to cancel calls from being placed. Victims can, of course, use …
John Leyden, 14 Jul 2016

Symantec, Intel carve out diminishing slice of growing security market

Worldwide security software revenues rose 3.7 per cent to reach $22.1bn in 2015, according to analyst Gartner. Security information and event management (SIEM) remained the fastest-growing sub segment of the cybersecurity biz last year, experiencing 15.8 per cent growth. By contrast, consumer security software recorded a 5.9 …
John Leyden, 14 Jul 2016
NetBackup_5240

Veritas backup appliance sees red

Veritas has upgraded its 5200 deduplicating backup appliance line from the 5230 to the 5240, increasing both capacity and also speed through having faster processors. It has also lowered the energy consumption, increased the number of networking ports, and altered the wavy line scrolling across the bezel from yellow to red. …
Chris Mellor, 13 Jul 2016

Avast woos AVG shareholders with $1.3bn buyout offer

Avast is offering to buy anti-virus rival AVG for $1.3bn. AVG shareholders are being offered $25.00 per share in cash, a 33 per cent mark-up on the closing share price on Wednesday. AVG, Avast and rival Avira are the three main players in the market for freebie anti-virus scanners for Windows. All make their money by offering …
John Leyden, 07 Jul 2016
danger

Attention, small biz using Symantec AV: Smash up your PCs, it's the safest thing to do

If you're using Symantec's Endpoint Protection Small Business Edition (SEP SBE) then you can forget about security for a week or so, as the company won't be patching the "as bad as it gets" security holes in its software for a while. A Register reader who wishes to remain anonymous received an email from Symantec confirming …
Iain Thomson, 06 Jul 2016
OSNEXUS_QuantaStor_license_manager_screen

OSNEXUS: Storage upstart that funded itself before gaining angel wings

Take one ambitious Citrix engineering director who wanted to start his own storage company, sprinkle in $2m of angel funding and seven years later you find a IBM SoftLayer-blessed 20-person startup competing with DataCore. Nexenta and $100m+ funding, and other VC-backed software-defined storage vendors. How did that happen? …
Chris Mellor, 06 Jul 2016
Illustration of a man with a beard reading a tablet

Brexit-themed spam surges

Symantec has uncovered a fivefold (392 per cent) increase in spam emails that use Brexit as a news hook. Cybercriminals have latched onto Brexit as a theme simply because it’s topical and likely to get the attention of prospective marks. These lures are ultimately geared towards tricking people into divulging sensitive …
John Leyden, 05 Jul 2016
Image: Serazetdinov http://www.shutterstock.com/fr/pic-114819721/stock-vector-illustration-of-a-strong-blast-of-brain.html

Zero-interaction remote wormable hijack hole blasts Symantec kit

Scores (or thousands, or millions) of enterprise and home Symantec users are open to remote compromise through multiple now-patched (where possible) wormable remote code execution holes described by Google as 'as bad as it gets'. The flaws are "100 percent" reliable against Symantec's Norton Antivirus and Endpoint according to …
Darren Pauli, 29 Jun 2016

SWIFT hackers nick $10m from Ukraine bank

Hackers stole $10m from a Ukrainian bank by – yup, you guessed it – invading its computers and using the inter-bank transfer system SWIFT to shift their loot. The theft from an unnamed Ukrainian bank follows news of cyber-heists at other banks worldwide, most notoriously the lifting of $81m from an account held in New York …
John Leyden, 28 Jun 2016
Venomous snake

Nuclear goes boom

Shake-ups at the top of the exploit kit world continue, with news the world's two top pop boxes have disappeared. Exploit kits are the all-in-one commercial crime offerings through which specifically vulnerable users can be targeted with a barrage of constantly updated and occasionally zero-day attacks. Victims subject to …
Darren Pauli, 28 Jun 2016
sale

Intel mulls sale of Intel Security – reports

Opinion Intel is reportedly looking to offload its Intel Security arm. The IT giant is investigating options for Intel Security cyber security business, the FT reports. These options include selling off the security software business formerly known as McAfee that the chip-maker bought for $7.7bn back in August 2010. Intel is yet to …
John Leyden, 27 Jun 2016

Man-in-the-middle biz Blue Coat bought by Symantec: Infosec bods are worried

Analysis Symantec’s deal to to buy Blue Coat, the controversial web filtering firm, for $4.65bn will bolster its enterprise security business. But some security experts are concerned about the potential for conflict of interest created by housing Symantec’s digital certificate business and Blue Coat’s man-in-the-middle SSL inspection …
John Leyden, 14 Jun 2016
2x2 Rubik's cube

MBE? Pah! Gartner gurus made us an MQ L

Gartner’s magic quadrant-producing gurus have awarded Commvault the data centre backup and recovery Iron Throne. They have also added Veeam to the Leader’s quadrant and severely pruned the niche player section, following a market criteria review, in "response to Gartner client requests to focus more on backup and recovery …
Chris Mellor, 13 Jun 2016
Upset man in suit and drinking liquor. Photo by Shutterstock

Hackers targeting SWIFT banks also targeted US moneymen: Hedge funds at risk

The Lazarus Group of hackers, blamed for a recent run of attacks against mainly Asian banks linked through the SWIFT network, is now suspected of targeting a mid-market US bank. Evidence uncovered by threat detection firm eSentire suggests that the Lazarus crew (which is also the chief suspect in the 2014 Sony Pictures hack) …
John Leyden, 13 Jun 2016

Let's Encrypt lets 7,600 users... see each other's email addresses

Free certificate authority Let's Encrypt has spaffed the email addresses of up to 7,618 users to each other in an email informing them of updates to its subscriber agreement. In a post apologising for the error, the service noted that the incident wasn't as bad as it could have been, affecting only 1.9 per cent of the 383,000 …
Boy slurps watermelon. Credit: Shutterstock

Symantec swoops on Blue Coat in $4.65bn deal

Blue Coat has scrapped its IPO plans in favour of a $4.65bn takeover by IT security rival Symantec. Greg Clark, Blue Coat CEO, will take the helm at Symantec, so resolving the question of succession of Mike Brown, who announced his resignation as CEO in April. On a pro-forma basis, the combined company would have $4.4bn in …
Drew Cullen, 13 Jun 2016

New Android tricks for modern malware licks

Symantec engineer Dinesh Venkatesan says malware writers have one up on Google with the pillaging of a keystone trick that permits attacks on Android Marshmallow. The method was extracted from white hat proof-of-concept works published initially to show how malware could extract credentials from Android apps. It allows …
Darren Pauli, 06 Jun 2016

Recycled malware code 'links' SWIFT bank heist to Sony ransackers

Five additional pieces of malware suggest there is a stronger tie between North Korea's Lazarus Group of hackers and last month's run of cyber-attacks on banks. A study by Anomali Labs' senior security researcher Aaron Shelmire expands upon Symantec's earlier findings. According to Symantec, two pieces of malware were used to …
John Leyden, 02 Jun 2016

Don't panic, says Blue Coat, we're not using CA cert to snoop on you

Blue Coat has denied it's up to any shenanigans – after the security biz was seemingly given the power to issue crypto certificates that could be used to spy on people. A kerfuffle kicked off this week when it looked as though Blue Coat had been made an intermediate certificate authority, backed by root certificate authority …
Iain Thomson, 27 May 2016
Ben Mezrich, Once Upon a Time in Russia: The Rise of the Oligarchs and the Greatest Wealth in History

FOURTH bank hit by SWIFT hackers

A fourth bank, this time in the Philippines, has been attacked by hackers targeting the SWIFT inter-bank transfer system. Security researchers at Symantec reckon the same group blamed for the infamous $81m Bangladesh central bank mega-heist back in February also mounted an earlier assault in the Philippines last year, itself …
John Leyden, 27 May 2016

Faded celebs' Twitter feeds degrade to sad, lonely smut storms

Symantec boffin Satnam Narang says some 2500 Twitter accounts, including those of journalists and other notables, have been compromised and used to sling pornography and links for dating sites. The accounts include those of a Telegraph journalist, a CNN correspondent, the National Post editor-in-chief, WKYT weekend anchor, …
Darren Pauli, 26 May 2016
stack of newspapers view from the side

Norton bans kernel.org

Bad news for Linux users: security suite Norton thinks that the Linux repository kernel.org is rife with threats. Norton Linux.org page Er, no Symantec's automated analysis system claims to have identified four threats to Norton users on the site and has red flagged it for anyone thinking of visiting. That will come as a …
Iain Thomson, 24 May 2016

Suckfly: The hacking group targeting India but taking weekends off

A professional hacking group called Suckfly is targeting India's infrastructure and economic base by zeroing in on individuals and installing tools to access their work networks. That's according to a blog post by Symantec that has analyzed and dug into the group's activities and methods. Symantec first spotted the group it …
Kieren McCarthy, 18 May 2016

Symantec antivirus bug allows utter exploitation of memory

British white hat hacker and Google Project Zero chap Tavis Ormandy is making life miserable for Symantec again: the bug-hunter has turned up an exploitable overflow in “the core Symantec Antivirus Engine used in most Symantec and Norton branded Antivirus products”. Described here, the problem is in how the antivirus products …
Titanic sinking

Symantec: I know we said things'd get better when we sold Veritas...

Symantec is slipping back into cost-cutting mode just months after the split with storage arm Veritas was supposed to provide the healing balm the business so clearly needed. The standalone security biz wants to carve out savings of $400m via an “efficiency programme” that includes “eliminating stranded costs” from the sale of …
Paul Kunert, 13 May 2016
2001: A Space Odyssey

Lie back and think of cybersecurity: IBM lets students loose on Watson

IBM is teaming up with eight North American universities to further tune its cognitive system to tackle cybersecurity problems. Watson for Cyber Security, a platform already in pre-beta, will be further trained in “learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks …
John Leyden, 12 May 2016
Symantec CEO Michael Brown

Symantec CEO Mike Brown ousted after nasty numbers

Symantec CEO Mike A. Brown will leave the company, after it today announced it will miss its projected Q4 2016 sales. Symantec has previously forecast sales of between US$885m and $915m. Advice released today suggested the actual result will be closer to $873m, a small but nasty miss. The company's tried to explain the miss ( …
Simon Sharwood, 29 Apr 2016
Ted Cruz

Ted Cruz knows where you live – if you downloaded his app

Many US presidential primary apps gather users’ personal information and leave their sensitive data vulnerable to attackers, security researchers at Symantec warn. Data exchanged through many of the apps can be intercepted by attackers and shared with third parties because of weak security practices. Symantec analysed the …
John Leyden, 26 Apr 2016
Man with head in the cloud

Symantec.cloud portal limps back online after day-long TITSUP

Symantec.cloud’s portal is back online following a day-long outage. However, sysadmins report a continuing inability to perform basic functions such as adding new email accounts for new starters at the corporate firms they manage. Problems with the system followed a database crash on Monday morning that dragged on until …
John Leyden, 13 Apr 2016
Exhausted looking business man on phone in from of laptop. Photo by Shutterstock

Symantec cloud portal goes titsup after database crash

Symantec.cloud is in the middle of rebuilding its portal this lunchtime following a prolonged outage spanning more than 24 hours. The snafu stemmed from a database crash. Problems first surfaced at 1000 UTC (1100 BST) on Monday and dragged on until lunchtime on Tuesday, as detailed in a series of updates to Symantec.cloud’s …
John Leyden, 12 Apr 2016
London - Iconic Red telephone box with Big Ben at the background and blue sky - UK, England. Photo by Shutterstock

Spear phishers target gullible Brits more than anyone else – survey

There’s been a sharp (35 per cent) increase in crypto ransomware attacks, with the UK ranked as the nation third most targeted with ransomware. The UK is also ranked as the most targeted nation for spear phishing attacks and the second most hit-upon country with social media scams, according to other findings from Symantec's …
John Leyden, 12 Apr 2016

Legion of demons found in ancient auto medical supply dispensing cabinets

Updated Consider this a reminder that end-of-life software doesn't get patches: researchers have turned up more than 1,400 vulnerabilities in a widespread automatic medical supply dispensing system from CareFusion, because old units are still running Windows XP. The computer-controlled dispensing cabinets are installed in hospitals …

OK, so the users want corporate apps on the move. Don't Panic

People want to be able to do their job from wherever they happen to be. It's understandable – if you don't need to be in an office chained to your desk then why not work somewhere more convenient? Let's look at five ways to make this achievable. Remote access to local apps At the most basic level you have the traditional …
Dave Cartwright, 30 Mar 2016

NetApp dropped the ball by letting EMC gobble Data Domain

IDC has published its quarterly confirmation that EMC’s Data Domain is crushing the competition in the purpose-built backup appliance market. The analyst outfit’s Worldwide Quarterly Purpose-Built Backup Appliance Tracker for 2015’s fourth quarter lists the top five vendors’ revenue amounts and shares for both the 2015 and …
Chris Mellor, 29 Mar 2016

US bank fended off 513 trojans last year alone

The most beleaguered bank in the United States was hit with 513 financial trojans last year, says Symantec threat bod Candid Wueest. The unnamed bank and Symantec customer was in the crosshairs of 78.2 percent of all financial trojans seen by the security firm last year. It is unknown if any of the malware samples gained a …
Darren Pauli, 24 Mar 2016
Engineer aboard Das Boot U-96 responds to telegraphs

Google publishes list of Certificate Authorities it doesn't trust

Google's announced another expansion to the security information offered in its transparency projects: it's now going to track certificates you might not want to trust. Certificate Authorities (CAs) that your browser (or smartphone) trusts have a suitable entry in “settings”, but if a site presents a certificate from an …
Asleep on the sofa image via Shutterstock

Symantec warns of serious security holes – in Symantec security kit

Symantec is advising users of its Endpoint Protection (SEP) software to update their systems, after three vulnerabilities were reported in the computer defense tools. Two of the bugs – a cross-site scripting (XSS) flaw, and a SQL injection vulnerability – are in the SEP Management Console, a web-based portal you can log into …
Shaun Nichols, 18 Mar 2016
Dyson DC58 Animal

SMBs? Are you big enough to have a serious backup strategy?

One of the TLAs* we come across all the time in IT is CIA. It's not, in this context, a shady American intelligence force: as far as we're concerned it stands for Confidentiality, Integrity and Availability – the three strands you need to consider as part of your security and data management policies and processes. Most …
Dave Cartwright, 02 Mar 2016
Paul Winchell and dummy

Cisco leans in close, coughs, whispers: If you want 100GE for 40GE prices, I know a person...

Cisco Partner Summit Cisco has announced new Nexus 9000 and 3000 switches with a theme of 25 and 100 gig Ethernet for 10 and 40 gig prices, calling them cloud-scale products. It's also buying cloud app wrangler startup CliQr. Switchzilla has adding the 9200, 9300 and 9500 models to its 9000 family. The latest gear sports a new ASIC delivering 10/ …
Chris Mellor, 01 Mar 2016
Facepalm by https://www.flickr.com/photos/the-magic-tuba-pixie/ cc 2.0 attribution generic https://creativecommons.org/licenses/by/2.0/

Worldpay outs self as provider of easy-to-crack payment services

Everyone knows the SHA-1 cipher is a relic that can be cracked without colossal effort. So why has Mozilla allowed Symantec to issue some new SHA-1 certificates? Mozilla participates in Web PKI, the effort overseeing the issuance of certificates allowing browsers to identify themselves to servers. The organisation has learned …
Simon Sharwood, 29 Feb 2016