Tag: Symantec

2012 Norton Cyber Crime Report

2012 Norton Cyber Crime Report, a worrying scenario:

This report covers different technologies including social networking and mobile reporting the impact on final customers in economic terms.

The report involved 13018 participants across 24 countries aged 18-64 and a pool of expert collaborators.

The impact of cybercrime is worrying with 556 million of victims per year, 2 on 3 adults have been victims of on line illegals in their lifetime and the total economic loss is 110 Billion with an average cost per victim of $197.

The Asian region is the most affected by cybercrime, the global price tag of consumer cyber crime for China amounts to 46 Billion, followed by US with 21 Billion and European Area with 16 Billion.

The highest numbers of cyber crime victims were found in Russia (92 percent), China (84 percent) and South Africa (80 percent).

The technologies that have suffered the major increase in cybercrime are social networking and mobile.

It has been registered an increase in cybercrime which takes advantage of social networks and mobile technology. Mobile users are very vulnerable to attacks, 2/2 adults use a mobile device to access the internet and the mobile vulnerabilities doubled in 2011 respect previous year.

44% of users aren’t aware of the existence of solutions for mobile environments, and 35 of adults have lost their mobile device or had it stolen.

Of particular concern is an improper use of social networks, wrong management of sessions, absence of validation of visited links and a total ignorance of any security setting expose users to fraudulent activities.

15 percent of users have had their account infiltrated, and 1 in 10 have been victims of fake links or scams.

Other behaviour extremely worrying is the way in which people use public networks and operate on it, for example accessing to private services such as email.

The email accounts are one of the most appetible targets for cybercriminals because they represent a simple way to access to sensible information.

“When using public connections, 67 percent access email, and 63 percent use social networking and 24 percent access their bank account, according to the report.”

40% people don’t use complex passwords or change their passwords regularly.

Conclusion: 

Source: symantec,securityaffairs

Researchers spot scammers using fake browser plug-ins

Fake Browser Plug-in—A New Vehicle for Scammers:

Security researchers from Symantec have spotted a fake browser plugin-in currently circulating in the wild.

 How the infection takes place:

The scenario is very simple: the victim is lured into watching some video; but instead of asking the victim to share/like the video, (which we have seen in many scams) the scammers present the victim with a fake plug-in download image, which is required to see the video.

Once the end users are tricked into installing the fake YouTube themed browser extension, their User-Agent info is retrieved and accordingly, the fake plug-in is downloaded. For the time being, only Mozilla Firefox and Google Chrome plug-ins are being used.

The scam is currently circulating, using the [Video] Leakead video of Selena Gomez and Justin Beiber [NEW HOT!!] theme.

facebook / youtube

This isn’t the first time that scammers are relying on fake browser plugins and extensions as a propagation vehicle for their scams. In December 2011, researchers from WebSense have detected a malicious campaign where the scammers were successfully hijacking Facebook accounts using bogus browser extensions

 Scammers are always looking for different techniques to lure users .

Facebook users are advised to be extra vigilant when interacting with content shared on the most popular social networking site.

Additional Facebook Security Tips:

  • Review your security settings and consider enabling login notifications. They’re in the drop-down box under Account on the upper, right-hand corner of your Facebook home page.
  • Don’t click on strange links, even if they’re from friends, and notify the person if you see something suspicious.
  • Don’t click on friend requests from unknown parties.
  • If you come across a scam, report it so that it can be taken down.
  • Don’t download any applications you aren’t certain about.
  • For using Facebook from places like hotels and airports, text “otp” to 32665 for a one-time password to your account.
  • Visit Facebook’s security page, and read the items “Take Action” and “Threats.”

source: symantec,zdnet

How to set up client password protection in SEP Manager

How to set up client password protection in Symantec Endpoint Protection Manager :

 Follow the following steps to configure client password:

 1.   Open the Symantec Endpoint Protection Manager (see Figure-1).

Figure-1

2.   Enter the user name and password of the server in the respective fields, and click Log On.

 3.   Click Clients (see Figure-2).


Figure-2

   4.  Click Policies tab >>General Settings (see Figure-3).


Figure-3

5.  General settings window will pop up (see Figure-4). Click security settings.

Figure-4

6.  Security setting window will pop up (see Figure-5). Enable “Require a password to uninstall the client”.

7.  Type the password and confirm the password in the required fields.

 8.  Click OK.

Figure-5


Symantec Endpoint Protection Management Console credentials lost?

1. Open Windows Explorer on the computer where you run Symantec Endpoint Protection Manager.
2. Change directory to the :\Program Files\Symantec\Symantec Endpoint Protection Manager\Tools folder.
3. Double-click the Resetpass.bat executable file. The password is reset to the default password.
4. Be sure to change the password immediately.

Default Credentials:

Username: admin
Password: admin

Note: If you change the admin account name to something other than admin and then subsequently run resetpass.bat, it changes the account name back to admin.

Technology

The Add-inSymantec Antivirus Outlook protection”(C:\program Files\Common Files\Symantec Shared\vpmsece.dll) cannot be loaded and has been disabled by Outlook.Please contact the Add-in manufacturer for an update.If no update is available, please uninstall the Add-in.

SOLUTION: Close Outlook.

Browse to Documents and Settings\<local user>\Local Settings\Application Data\Microsoft\Outlook

delete extend.dat