Symantec endpoint protection client not updating management server

Posted by / 23-Dec-2016 09:16

Symantec endpoint protection client not updating management server

The image, when expanded, was a high-resolution photo that displayed control systems equipment models and status information in the background.

This alert provides information on advanced persistent threat (APT) actions targeting government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors. This report contains indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by APT actors on compromised victims’ networks.The initial victims are peripheral organizations such as trusted third party suppliers with less secure networks.The initial victims are referred to as “staging targets” throughout this alert.Stage 1: Reconnaissance The threat actors appear to have deliberately chosen the organizations they targeted, rather than pursuing them as targets of opportunity.Staging targets held preexisting relationships with many of the intended targets.

symantec endpoint protection client not updating management server-3symantec endpoint protection client not updating management server-29symantec endpoint protection client not updating management server-54

The threat actor uses the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims.