Темы
Разделы
Интересы
Top 20
 |
If getting hacked earlier this month by an Indian group wasn't bad enough, the high-profile hacktivist group Anonymous is claiming it has Symantec source code. And Symantec isn't taking any chances.
"Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006," Symantec said in a statement. "Since 2006, Symantec has instituted a number of policies and procedures to prevent a similar incident from occurring."
Despite those polices and procedures, though, Symantec is suggesting pcAnywhere users pull the plug on the remote access software. pcAnywhere allows users to remotely access and control other computers. Symantec said the encoding and encryption elements within pcAnywhere are vulnerable, making users susceptible to man-in-the-middle attacks that open the door to stealing session data or credentials.
Symantec's Quick Advice
"Symantec came out with strong -- and, to my mind, correct -- advice to their users: stop using pcAnywhere until a patch is available," said Graham Cluley, senior security analyst at Sophos. "Hopefully this will be the full extent of the Symantec security breach, and there aren't any more revelations awaiting users. I'm sure if Symantec did know anymore they would share it with their customers, as they have been very open so far."
Symantec has indeed been open, which is a good lesson for companies dealing with data breaches. When an Indian hacking group claimed it got its hands on source code used in the Norton anti-virus program in early January, Symantec was quick to respond and make the appropriate recommendations to users.
Much the same with the pcAnywhere issue, Symantec issued a white paper with security recommendations and published a customer advisory on its Web site. For example, Symantec noted that a secondary risk with pcAnywhere may occur if a malicious... newsfactor.com »
|
|
If you're running a PC with Symantec's pcAnywhere, beware. New security risks have been raised that could affect hundreds of thousands of users.
Last month, Symantec recommended that its pcAnywhere customers disable or uninstall the software while the company worked on fixes. Several patches were released, most recently an all-in-one patch Feb. 10. Following that release, Symantec indicated the software was safe to use, in conjunction with standard security best practices.
The software is typically used by mobile workers and others to access an office computer from the road.
Source Code Theft
But Boston-based security firm Rapid7 has recently estimated that as many as 200,000 PCs are running unpatched versions, including up to 5,000 point-of-sale systems that could be connected to financial systems in businesses, which could include credit card information.
In addition, Alert Logic, a security company based in Texas, has posted test code that could crash patched or unpatched PCs running pcAnywhere, via a denial-of-service attack that some observers believe could be used to hijack the machine.
Symantec's unusual move to recommend the disabling or uninstalling of its own software was in response to the 2006 theft of its source code, which the company only revealed in January. The company told the Reuters news service last month that the source code to its flagship Norton security software had been stolen in 2006, and that an internal investigation has shown the breach came from its own servers.
Previously, Symantec had said that the code had been stolen from a third party. There had been some evidence that it might have come from an Indian government server.
The internal investigation followed an extortion threat against Symantec by an individual claiming to be part of Anonymous, who sought a payment in exchange for not posting the source code. Symantec said it did not comply and... newsfactor.com » | Публикация может привести к тому, что конкуренты и злоумышленники получат доступ к секретным данным клиентов компании. Теперь там допускают, что Anonymous может также обнародовать код Norton Antivirus и Norton Internet Security. hitech.newsru.com » 2012-02-08 19:42 hitech.newsru.com / Новости / | An Indian hacker group has made good on its threats to publish stolen Symantec source code. The disclosure comes after ransom negotiations -- which the company said involved law enforcement agencies on a $50,000 sting operation -- stalled.
A hacker that goes by the handle YamaTough, who is associated with an Indian group affiliated with Anonymous that is called the Lords of Dharmaraja, published the source code to Symantec's pcAnywhere. The software allows users to remotely access and control other computers. YamaTough appears to have published the code on Pirate Bay.
"Symantec can confirm that the source code for pcAnywhere has been posted publicly. It is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to possess throughout the past few weeks," Symantec said in a statement. "Symantec was prepared for the code to be posted at some point and has developed and distributed a series of patches since Jan. 23rd to protect pcAnywhere users against known vulnerabilities."
Get Patched Now
That said, Symantec is continuing to urge pcAnywhere customers to ensure that pcAnywhere version 12.5 is installed, apply all relevant patches that have been released and follow general security best practices. And Symantec warned that there may be more fallout before the drama is over. Specifically, the firm expects Anonymous will post the rest of the code it has claimed to have in its possession.
"So far, they have posted code for the 2006 versions of Norton Utilities and pcAnywhere. We also anticipate that at some point, they will post the code for the 2006 versions of Norton Antivirus Corporate Edition and Norton Internet Security," Symantec said. "As we have already stated publicly, this is old code and Symantec and Norton customers will not be at an increased risk as a result of any further... newsfactor.com » |  Сегодня утром на The Pirate Bay появилась раздача под заголовком "Symantec pcAnywhere Leaked Source Code". Архив размером 1,27 ГБ, вероятно, содержит исходные коды программы Symantec pcAnywhere.
Появлению файла предшествовала переписка между хакерами и компанией Symantec, в которой Symantec предлагала им $50 тыс., если они не будут выкладывать файлы и официально объявят, что их предыдущее сообщение о взломе было враньём. Переписка теперь тоже выложена на pastebin.
Две недели назад представитель Symantec признал факт взлома корпоративной сети в 2006 году, в результате чего были украдены исходные коды нескольких ключевых продуктов: Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks (Norton Utilities и Norton GoBack) и pcAnywhere. habrahabr.ru » |  BOSTON (Reuters) - Symantec Corp said it is safe to use its pcAnywhere software for accessing remote PCs after it asked customers last week to disable the product because it put them at greater risk of being hacked.
Reuters: Internet News » | Symantec пошла на беспрецедентный для корпорации таких размеров шаг: она посоветовала пользователям деинсталлировать или отключить систему удаленного доступа к компьютеру pcAnywhere до тех пор, «пока не выйдет набор обновлений, устраняющий известные на сегодня риски возникновения уязвимости». osp.ru » 2012-01-27 13:10 osp.ru / Новости / | (Reuters) - Symantec Corp took the rare step of advising customers to stop using one of its products, saying its pcAnywhere software for accessing remote PCs is at increased risk of getting hacked after blueprints of that software were stolen.
Reuters: Internet News » |
|
| |
|