ISC Feature of the Week: ISC Link Back

Published: 2012-01-25. Last Updated: 2012-01-27 03:32:10 UTC
by Adam Swanger (Version: 1)
0 comment(s)

Overview
Need to attribute information to ISC? Want to provide users with an avenue to visit the ISC site? Want to link directly to the ISC Stormcast, Infocon or other information? These methods and more are listed on out ISC Linkback Page! https://isc.sans.edu/linkback.html

Features

Note
This works as DShield also. Just view the dshield.org url http://dshield.org/linkback.html


Don't see a link you'd like to use? Suggest in the comments section below or send any questions or comments in the contact form https://isc.sans.edu/contact.html

--
Adam Swanger, Web Developer (GWEB)
Internet Storm Center (http://isc.sans.edu)

Keywords: ISC feature
0 comment(s)

pcAnywhere users ? patch now!

Published: 2012-01-25. Last Updated: 2012-01-26 04:51:20 UTC
by Bojan Zdrnja (Version: 1)
6 comment(s)

Symantec released a patch for pcAnywhere products that fixes couple of vulnerabilities, among which the most dangerous one allows remote code execution. You can see Symantec’s advisory here.

Now, for last couple of weeks there have been a lot of rumors about source code of several Symantec’s products that got stolen by yet unknown hackers. Besides a post that listed file names nothing else has been released in public yet, as far as we know.

However, Symantec also released a document (available here) that details security recommendations for pcAnywhere users. It is obvious that Symantec is aware of how critical published vulnerabilities are. It makes us wonder if there already have been active exploitation of the published vulnerabilities or Symantec is just extra careful?

We’ll keep an eye on this, and if you are a pcAnywhere user – PATCH NOW.

Update

And a short update: according to DShield data it appears that someone started scanning around for services on port 5631 (pcAnywhere). While the number of sources is still relatively low (indicating a single scanner, or a small number of them), the number of targets is pretty high. See for yourself here.

Update 2

Just further to the information Bojan has already provided.  Keep in mind that pcAnywhere is part of a number of Symantec products including backup, security and of course it is part of the Altiris management suite. - MH

 

--
Bojan
INFIGO IS

Keywords: pcAnywhere Symantec
6 comment(s)
ISC StormCast for Wednesday, January 25th 2012 http://isc.sans.edu/podcastdetail.html?id=2281

Comments


Diary Archives