Endpoint Protection

Expand all | Collapse all

Detection coverage for ripple20

  • 1.  Detection coverage for ripple20

    Posted 4 days ago
    Hello,

    do you know if SEP is able to detect attacks regarding ripple20.
    https://www.jsof-tech.com/ripple20/

    I opened a ticket by technical support without success.

    Does anybody know how to get such an information?

    Thanks!

    ------------------------------
    BR
    Alexander
    ------------------------------


  • 2.  RE: Detection coverage for ripple20

    Posted 3 days ago

    Can you share the logs plz





  • 3.  RE: Detection coverage for ripple20

    Posted 3 days ago
    Which log files do you need?

    ------------------------------
    BR
    Alexander
    ------------------------------



  • 4.  RE: Detection coverage for ripple20

    Posted 3 days ago
    At this time, Symantec is investigating potential coverage based on the information that is currently available. There are no reports indicating that these vulnerabilities are being exploited in the wild.

    ------------------------------
    John Owens
    Principal Product Support
    Symantec
    United States
    ------------------------------



  • 5.  RE: Detection coverage for ripple20

    Posted 3 days ago
    Hi John,

    thank you very much for your response!

    What's the best way to request such an information by your technical support?

    I have tried it several times to get such information but I was always asked to upload a file / url by symsubmit. From my point of view such a request is nonsense isn't it?

    Thank you so much!

    ------------------------------
    BR
    Alexander
    ------------------------------



  • 6.  RE: Detection coverage for ripple20

    Posted 3 days ago

    Technical Support should be able to request this information from our Security Response team.  If we have information to share that is.

    If you have documents with hashes you would like to know if we have detection or not you can submit the hashes to https://symsubmit.symantec.com/.  You can also look up the hashes on Virus Total site.

    It looks like all of these have been patched for the Ripple20, so are suggestion will always be to patch.

    Thanks,
    John Owens



    ------------------------------
    John Owens
    Principal Product Support
    Symantec
    United States
    ------------------------------