[DISCUSSION] Symantec Endpoint Protection

Discussion in 'Application Software' started by CHEF-KOCH, Dec 14, 2013.

  1. whisperalpha

    whisperalpha MDL Junior Member

    Jan 14, 2020
    79
    26
    0
    Yeah, you're both on Windows 10. I didn't know WHY SEP was sill working for you, but after weeks of unyielding turmoil, I found out the hard way. The TLS bug was supposed to have been fixed years ago, but using the options to enable didn't work by itself, which still doesn't make sense. It should not take a manual RegEdit to do something that is readily accessible in Control Panel.
     
  2. PlayGames

    PlayGames MDL Novice

    Oct 20, 2019
    1
    0
    0

    Incident Response
    Risk Assessment
    Spyware
    Found a string that may be used as part of an injection method
    Persistence
    Modifies System Certificates Settings
    Writes data to a remote process
    Fingerprint
    Queries kernel debugger information
    Queries process information
    Queries sensitive IE security settings
    Queries the display settings of system associated file extensions
    Evasive
    Marks file for deletion
    Possibly checks for the presence of a forensics/monitoring tool
    Writes archive files
    MITRE ATT&CK™ Techniques Detection
    We found MITRE ATT&CK™ data in 2 reports, on average each report has 313 mapped indicators.
     
  3. Sajjo

    Sajjo MDL Member

    Feb 6, 2018
    2,842
    3,994
    90
    It's not related to SEP :)

    Chill... ;)
     
  4. LSPLDD

    LSPLDD MDL Novice

    Jul 26, 2025
    3
    7
    0
  5. LSPLDD

    LSPLDD MDL Novice

    Jul 26, 2025
    3
    7
    0
    It'll be officially released this October, and you'll be able to see it on the official website then.