Symantec president and CEO replaced by company’s chairman
Security software vendor Symantec said Wednesday that Enrique Salem, its president and CEO, had stepped down effective immediately, after the company reported that its revenue for the quarter ended June 29 grew just 1% year-over-year to $1.7 billion, while its profits sagged by 10%, falling to $172 million.
Symantec said its board of directors appointed Steve Bennett, the board chairman, to also hold the posts of president and CEO.
The board's decision to make a leadership change was not based on any particular event or impropriety but was instead made after ongoing consideration and a deliberative process, said Dan Schulman, Symantec's newly appointed lead director, in a statement.
Bennett said "Symantec's assets are strong and yet the company is underperforming against the opportunity."
Bennett will take three to four months to outline a new strategy for Symantec, he said during a conference call discussing the quarterly results on Wednesday. The first thing that Symantec needs to do is sort through the way the market is evolving and then place its chips, Bennett said. Read more...
Symantec confirms blue-screening Windows XP PCs
Symantec last week crippled a large number of Windows XP machines when it shipped customers a defective update to its antivirus software, the company acknowledged Friday.
"After a full evaluation and root cause analysis ... we have determined that the issue was limited to machines running a combination of Windows XP, the latest version of the SONAR technology, the July 11th rev11 SONAR signature set, and certain third-party software," said Orla Cox, of the company's security response team in a July 14 blog post.
SONAR, for "Symantec Online Network for Advanced Response," is an anti-malware technology that spots suspicious, and possibly malicious, files by monitoring software behavior.
Symantec did not identify the "certain third party software" that contributed to the problem, which caused Windows XP PCs to show the notorious "Blue Screen of Death" error display, then reboot, only to endlessly repeat the cycle. Read more...
Symantec revises panicky crash notice
Symantec put out a report June 15 that caused a double-take.
Here’s what it originally said before it was revised:
“KNOWN ISSUE: Altiris Agent service is crashing on a high percentage of computers after upgrading from Symantec Management Platform 7.1 SP1 to 7.1 SP2.”[Emphasis added, not that high percentage needs extra emphasis.]
Altiris, which was acquired by Symantec in 2007, is an asset management tool. It is used to manage patches, maintain compliance with software licenses and remove unauthorized software, among other functions.
A user of this system alerted us to the problem. His Altiris agents, which are on the clients, were crashing after the upgrade. He has since been unable to patch his systems, something that is becoming increasingly worrisome.
When the user first sought help from the Symantec help desk, the support tech was unaware of the alert. That increased the user's concern. Read more...
Symantec expects Anonymous to publish more stolen source code
Symantec today confirmed that the pcAnywhere source code published on the Web Monday by hackers who tried to extort $50,000 from the company was legitimate.
A company spokesman also said that Symantec expects that the rest of the source code stolen from its network in 2006 will also be made public.
Symantec's acknowledgement followed the appearance late Monday of a 1.3GB file on various file-sharing websites, including Pirate Bay, that claimed to be the source code of the pcAnywhere remote-access software.
Download activity for the BitTorrent file has been moderately brisk: As of mid-morning Tuesday, Pirate Bay identified 376 "seeders," the term for a computer that has a complete copy of the file -- and about 200 "leechers," or computers that have downloaded only part of the complete torrent. Read more...
Symantec releases faster next-gen NetBackup, Backup Exec software
Symantec on Monday unveiled new versions of its flagship NetBackup enterprise-class and Backup Exec midrange backup applications -- Backup Exec 2012 and NetBackup v7.5.
The Backup Exec 2012 version includes a new user interface that can automatically configure backups based on the most common policies and settings used by Symatec customers.
The new interface allows for quick configuration with minimal effort, said Jason Fisher, director of product management at Symantec.
The updated Backup Exec offering is available through its traditional software distribution means, as well as in a pre-configured appliance and as a SaaS service. Read more...
Researchers unearth more Chinese links to defense contractor attacks
Researchers with Symantec have uncovered additional clues that point to Chinese hacker involvement in attacks against a large number of Western companies, including major U.S. defense contractors.
The attacks use malicious PDF documents that exploit an Adobe Reader bug patched last month to infect Windows PCs with "Sykipot," a general-purpose backdoor Trojan horse.
According to findings published Thursday by Symantec's research team, a "staging server" used by the attackers is based in the Beijing area, and is hosted by one of the country's largest Internet service providers, or ISPs.
Symantec did not identify the ISP. Read more...
Threatened by Anonymous, Symantec tells users to pull pcAnywhere’s plug
Symantec this week took the highly unusual step of telling users of its pcAnywhere remote access software to disable or uninstall the software while it fixes an unknown number of bugs.
Security experts said the move was unprecedented for a company of Symantec's size.
"This is the first time I have seen a company of Symantec's scale tell their customers to stop using a shipping product, especially one that many users depend on for remote access," said HD Moore, chief technology officer of Rapid7, and the creator of the popular Metasploit penetration testing toolkit.
"It's certainly a new precedent for a security breach," added Andrew Storms, director of security operations at nCircle Security. "Talk about dirty laundry getting aired."
Symantec's recommendation was blunt. Read more...
Symantec confirms Flash exploits targeted defense companies
Security researchers at Symantec today confirmed that exploits of an unpatched Adobe Reader vulnerability targeted defense contractors, among other businesses.
"We've seen [this targeting] people at telecommunications, manufacturing, computer hardware and chemical companies, as well as those in the defense sector," said Joshua Talbot, senior security manager in Symantec's security response group, in an interview Wednesday.
Symantec mined its global network of honeypots and security detectors -- and located email messages with attached malicious PDF documents -- to come to that conclusion.
The inclusion of defense contractors was not unexpected. Read more...
Symantec looking to buy
Symantec Corp's chief executive is looking to do acquisitions and next week may let investors know just how hungry the security and storage software company will be this year.
Enrique Salem, CEO of the world's No. 5 software maker, has not done a large acquisition since he announced plans a year ago to buy VeriSign Inc's widely used technology for securing payments over the Internet in a transaction worth $1.3 billion.
At the Reuters Global Technology Summit in New York on Tuesday, he said he has not ruled out doing another deal of that size, though his preference is to do smaller, "tuck-in" acquisitions. Acquisition targets that Symantec is focusing on include storage or security companies that provide mobility, cloud computing and virtualization. Read more...
Facebook: no evidence of apps leaking user data
Yesterday Symantec revealed that hundreds of thousands of Facebook apps have been accidentally leaking user data for years (if you haven’t yet, change your Facebook password, to be on the safe side). Thankfully, the two companies worked together to fix the flaw before it could be seriously exploited.
Symantec said the Facebook apps were leaking access to millions of Facebook users’ accounts, including profiles, photographs, chat, and other personal information. The only comfort the security company offered was that the third parties who were accidentally granted access to the data may not have realized their ability to see this information. Read more...
What is Endpoint Protection?
In this mad world of hackers, cybercriminals and rampant malware, no one -from individuals to businesses- can afford to be unprotected. There are countless protection solutions available, and often it can be difficult to decide on the best internet security for specific needs. For many end-users, firewalls and antivirus programs are ideal, but for those businesses that rely on central servers with many devices connecting at once, endpoint protection is the most likely -and one of the most effective- security solutions available. Read more...