Symantec victim of cyber attack

Edinburgh IT Support company, Consider IT, has recently learned that security software publisher Symantec has confirmed it was recently the victim of a cyber attack, resulting in the theft and disclosure of product source code. Via its website, the company affirmed Anonymous’ claims, citing a source code heist dating back to 2006. The post goes on to suggest that users running Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks, Symantec Endpoint Protection 11.0, or Symantec AntiVirus 10.2 apply the latest maintenance patches.

Earlier this month, the online-collective Anonymous stated, via Twitter, that it possessed portions of the code in question and planned to release it in support of a class-action lawsuit filed by consumers – the suit claims Symantec employed scare tactics to encourage users to purchase its wares. If you have the company’s pcAnywhere solution deployed, Symantec suggests only using it for “business critical purposes,” as this software is “at increased risk.” Those looking to stay up-to-date on the breach and what Symantec is doing to ameliorate its effects can get the blow-by-blow from the source link below.

The security vendor said at the time that because the code is old, customers running Norton products today should not be in any increased danger of cyberattacks. However, the company admitted that users of pcAnywhere, which has not changed as much as the Norton products over the past few years, might face an increased risk because of the leak.

A patch for pcAnywhere 12.5 was released on Tuesday in order to address two security vulnerabilities that could lead to arbitrary code execution or privilege escalation. The flaws were reported privately to Symantec by security researchers Tal Seltzer and Edward Torkington.

“Additional patches are planned for release during the week of January 23 for pcAnywhere 12.0, pcAnywhere 12.1 and pcAnywhere 12.5,” Christine Ewing, director of product marketing for Symantec’s Endpoint Management group, said in a blog post on Tuesday. “Symantec will continue to issue patches as needed until a new version of pcAnywhere that addresses all currently known vulnerabilities is released.”

An attacker could potentially gain remote control of a company’s network and access sensitive information.

A Symantec spokesman said that fewer than 50,000 people used the standalone version of pcAnywhere – although the software was also bundled as part of other security packages.

It suggested that corporate customers who used pcAnywhere for business-critical activity should “understand the current risks” and “apply all relevant patches as they are released, and follow the general security best practices”.