Katana VentraIP

Gen Digital

Gen Digital Inc. (formerly Symantec Corporation and NortonLifeLock) is a multinational software company co-headquartered in Tempe, Arizona and Prague, Czech Republic. The company provides cybersecurity software and services. Gen is a Fortune 500 company and a member of the S&P 500 stock-market index. The company also has development centers in Pune, Chennai and Bangalore. Its portfolio includes Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner.

Formerly

  • Symantec Corporation
    (1982–2019)
  • NortonLifeLock Inc.
    (2019–2022)

March 1, 1982 (1982-03-01) in Sunnyvale, California, U.S.

Worldwide

Decrease US$3.81 billion (2024)

Decrease US$1.12 billion (2024)

Decrease US$616 million (2024)

Decrease US$15.8 billion (2024)

Decrease US$2.20 billion (2024)

c. 3,400 (2024)

On October 9, 2014, Symantec declared it would split into two independent publicly traded companies by the end of 2015. One company would focus on security, the other on information management. On January 29, 2016, Symantec sold its information-management subsidiary, named Veritas Technologies, and which Symantec had acquired in 2004,[2] to The Carlyle Group.[3] On August 8, 2019, Broadcom Inc. announced they would be acquiring the Enterprise Security software division of Symantec for $10.7 billion.[4] After the acquisition, Symantec became known as NortonLifeLock.[5][6] After completing its merger with Avast in September 2022, the company adopted the name Gen Digital Inc.[7]

Security concerns and controversies

Restatement

On August 9, 2004, the company announced that it discovered an error in its calculation of deferred revenue, which represented an accumulated adjustment of $20 million.[87][88]

Endpoint bug

The arrival of the year 2010 triggered a bug in Symantec Endpoint. Symantec reported that malware and intrusion protection updates with "a date greater than December 31, 2009, 11:59 pm [were] considered to be 'out of date.'" The company created and distributed a workaround for the issue.[89]

Scan evasion vulnerability

In March 2010, it was reported that Symantec AntiVirus and Symantec Client Security were prone to a vulnerability that might allow an attacker to bypass on-demand virus scanning, and permit malicious files to escape detection.[90][91]

Denial-of-service attack vulnerabilities

In January 2011, multiple vulnerabilities in Symantec products that could be exploited by a denial-of-service attack, and thereby compromise a system, were reported. The products involved were Symantec AntiVirus Corporate Edition Server and Symantec System Center.[92]


The November 12, 2012, Vulnerability Bulletin of the United States Computer Emergency Readiness Team (US-CERT) reported the following vulnerability for older versions of Symantec's Antivirus system: "The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file."[93]


The problem relates to older versions of the systems and a patch is available. US-CERT rated the seriousness of this vulnerability as a 9.7 on a 10-point scale. The "decomposer engine" is a component of the scanning system that opens containers, such as compressed files, so that the scanner can evaluate the files within.

Scareware lawsuit

In January 2012, James Gross filed a lawsuit against Symantec for distributing fake scareware scanners that purportedly alerted users of issues with their computers. Gross claimed that after the scan, only some of the errors and problems were corrected, and he was prompted by the scanner to purchase a Symantec app to remove the rest. Gross claimed that he bought the app, but it did not speed up his computer or remove the detected viruses. He hired a digital forensics expert to back up this claim. Symantec denied the allegations and said that it would contest the case.[94] Symantec settled a $11 million fund (up to $9 to more than 1 million eligible customers representing the overpaid amount for the app) and the case was dismissed in court.[95][96]

Source code theft

On January 17, 2012, Symantec disclosed that its network had been hacked. A hacker known as "Yama Tough" had obtained the source code for some Symantec software by hacking an Indian government server.[97] Yama Tough released parts of the code and threatened to release more. According to Chris Paden, a Symantec spokesman, the source code that was taken was for Enterprise products that were between five and six years old.[97]


On September 25, 2012, an affiliate of the hacker group Anonymous published source code from Norton Utilities.[98] Symantec confirmed that it was part of the code that had been stolen earlier, and that the leak included code for 2006 versions of Norton Utilities, pcAnywhere and Norton Antivirus.[98]

Verisign data breach

In February 2012, it was reported that Verisign's network and data had been hacked repeatedly in 2010, but that the breaches had not been disclosed publicly until they were noted in an SEC filing in October 2011.[99] Verisign did not provide information about whether the breach included its certificate authority business, which was acquired by Symantec in late 2010.[99] Oliver Lavery, director of security and research for nCircle, asked rhetorically, "Can we trust any site using Verisign SSL certificates? Without more clarity, the logical answer is no."[100][101]

pcAnywhere exploit

On February 17, 2012, details of an exploit of pcAnywhere were posted. The exploit would allow attackers to crash pcAnywhere on computers running Windows.[102] Symantec released a hotfix for the issue twelve days later.[103]

Hacking of The New York Times network

According to Mandiant, Symantec security products used by The New York Times detected only one of 45 pieces of malware that were installed by Chinese hackers on the newspaper's network during three months in late 2012.[104][105] Symantec responded:

Comparison of antivirus software

Comparison of computer viruses

a joint venture between Huawei and Symantec

Huawei Symantec

Web blocking in the United Kingdom – Technologies

Symantec behavior analysis technologies and AntiBot

SONAR

Symantec Online Backup

Official website

Bloomberg