Last Updated: 2012-01-27 03:32:10 UTC
by Adam Swanger (Version: 1)
Need to attribute information to ISC? Want to provide users with an avenue to visit the ISC site? Want to link directly to the ISC Stormcast, Infocon or other information? These methods and more are listed on out ISC Linkback Page! https://isc.sans.edu/linkback.html
- Various text only links and terms: ISC, Stormcast, Log Submission http://isc.sans.edu/linkback.html#text
- Show an ISC image logo for your link back to ISC: Homepage, Stormcast http://isc.sans.edu/linkback.html#image
- ISC Inforcon status image http://isc.sans.edu/linkback.html#other
This works as DShield also. Just view the dshield.org url http://dshield.org/linkback.html
Don't see a link you'd like to use? Suggest in the comments section below or send any questions or comments in the contact form https://isc.sans.edu/contact.html
Adam Swanger, Web Developer (GWEB)
Internet Storm Center (http://isc.sans.edu)
Last Updated: 2012-01-26 04:51:20 UTC
by Bojan Zdrnja (Version: 1)
Symantec released a patch for pcAnywhere products that fixes couple of vulnerabilities, among which the most dangerous one allows remote code execution. You can see Symantec’s advisory here.
Now, for last couple of weeks there have been a lot of rumors about source code of several Symantec’s products that got stolen by yet unknown hackers. Besides a post that listed file names nothing else has been released in public yet, as far as we know.
However, Symantec also released a document (available here) that details security recommendations for pcAnywhere users. It is obvious that Symantec is aware of how critical published vulnerabilities are. It makes us wonder if there already have been active exploitation of the published vulnerabilities or Symantec is just extra careful?
We’ll keep an eye on this, and if you are a pcAnywhere user – PATCH NOW.
And a short update: according to DShield data it appears that someone started scanning around for services on port 5631 (pcAnywhere). While the number of sources is still relatively low (indicating a single scanner, or a small number of them), the number of targets is pretty high. See for yourself here.
Just further to the information Bojan has already provided. Keep in mind that pcAnywhere is part of a number of Symantec products including backup, security and of course it is part of the Altiris management suite. - MH