Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Cisco Partner Summit Digital 2020 NetApp Digital Newsroom HPE Zone The Business Continuity Center Enterprise Tech Provider Masergy Zenith Partner Program Newsroom HP Reinvent Digital Newsroom Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom Intel Partner Connect 2021 Avaya Newsroom Experiences That Matter The IoT Integrator Intel Tech Provider Zone NetApp Data Fabric WatchGuard Digital Newsroom

Symantec pcAnywhere Exposes 200,000 Systems To Attack

A security vendor reports that recently discovered vulnerabilities in Symantec pcAnywhere software exposes as many as 200,000 corporate systems to attack.

As many as 200,000 corporate systems could be commandeered by cyber-criminals as a result of recently discovered vulnerabilities in Symantec's pcAnywhere software for PC-to-PC remote control, a security vendor says.

Of the Internet-connected systems vulnerable to attack, as many as 5,000, or 2.5 percent, were electronic cash registers or other point-of-sales systems that process credit cards and are integrated with back-end systems, Boston-based Rapid7 said Wednesday. Most of the exposed systems found by Rapid7 were in the United States, China and Canada.

"The pcAnywhere vulnerabilities could therefore lead to a large wave of credit card breaches," the company said in an e-mailed statement.

Symantec was not immediately available for comment. The company last month advised customers to disable pcAnywhere until it could issue an update to patch vulnerabilities discovered after the software's underlying code was stolen by hacker collective Anonymous. The flaws affected the latest and older versions of the software.

Rapid7 found that systems running pcAnywhere could be "remote controlled, including screen, mouse and keyboard access, without knowledge of the owner." The product is mostly used on corporate systems, such as desktops, notebooks, servers and POS systems. Sensitive data that were at risk included social security numbers, banking information, credit card numbers, medical records, personal data and government information, the company said.

Meanwhile, a security researcher posted on the Web code that could be used to remotely crash pcAnywhere. Johnathan Norman, director of security research at Houston-based Alert Logic. Norman said Friday in his blog that he discovered the new flaw while studying the reported vulnerabilities.

Back to Top

Video

     

    trending stories

    sponsored resources