Symantec breach: Data breach basis of Norton source code leak

Wednesday, January 25, 2012


Symantec is downplaying the significance of a breach of its systems in 2006 that resulted in the source code leak of its Norton Antivirus Corporate Edition, SystemWorks and pcAnywhere software.

We can definitively say users of [SEP 11 and SAV 10.2] face no cybersecurity risk from any attacks that might be generated by the code stolen in 2006

Cris Paden, senior manager of Symantec

The security giant said this week that the Symantec source code theft of the 2006-era software poses no risk to current Norton customers. As a result of the Symantec breach, the company is reaching out to pcAnywhere users with remediation steps to maintain the protection of their devices and information.

"Due to the age of the exposed source code, except as specifically noted below, Symantec customers including those running Norton products should not be in any increased danger of cyberattacks resulting from this incident," said Cris Paden, senior manager of Symantec Corporate Communications.

The age of the source code severely limits the kind of attack that can be generated, Paden said. New security features in both Symantec and Norton products protect customers from any attack stemming from the old code.

Earlier this month, Symantec confirmed an India-based group suspected of having close ties with Anonymous obtained the source code to Symantec Endpoint Protection 11 and Symantec Antivirus 10.2. The company is backtracking as a result of further evidence that the group is in possession of Norton source code, as it claimed in a post on the Pastebin website; the post has since been removed. Symantec initially thought the source of the leak was the computer systems of a "third party" and that its systems had not been penetrated.

"We can definitively say users of [SEP 11 and SAV 10.2] face no cybersecurity risk from any attacks that might be generated by the code stolen in 2006," Paden said, acknowledging that the company's earlier information was invalid.

Investigators revisit breach in hunt for wrongdoer
Paden told SearchSecurity.com that an initial computer forensics investigation was inconclusive in 2006. The revelation of the early source code has caused Symantec to reopen the breach investigation. The company does not know if a rogue employee was to blame for the leak or if the company was penetrated by an external attacker.

"We revisited our records and logs from that time period based on the fact that all of the code that Anonymous claimed they had was for 2006 versions of software. From there, we were able to connect the dots that code actually was taken," Paden said. "We have also not confirmed how the code came into the possession of Anonymous."

Since the 2006 breach, Symantec said it has bolstered the security of its internal network by adding network monitoring, endpoint security and additional data loss protection technologies and controls. "We also removed many non-essential legacy domains to ensure our overall network security and redeveloped our internal security awareness and training processes," Paden said, stressing that the security improvements were not in response to the 2006 breach.


1 comments:

Anonymous said...

something interesting is here,

http://pastebin.com/crMtGUuq

Got it from a Chinese underground forum...
