Several exploits against the just-disclosed vulnerability in Computer Associates' enterprise backup software are in circulation, security companies said Thursday, raising the risk of attack on unpatched systems.
"If you haven't already patched your BrightStor ARCserve Backup software, now would be a really good time," said an analyst with the Internet Storm Center on the organization's handler's diary. "At least three different exploit codes and the code for a scanner have now been released."
Symantec confirmed that exploits were in the wild in an update to its DeepSight Threat Management System alert on the CA ARCserve for Windows vulnerability.
"Two exploit programs have been released, by a security researcher known as 'cybertronic,' which simply send a port binding or connect back payload to a vulnerable system," said Symantec. "[And] the public availability of an exploit tool designed to scan for and exploit hosts increases the likelihood of widespread exploitation occurring.
"Network administrators are strongly urged to ensure TCP and UDP ports 6050 and 6070 are filtered at the network perimeter, and that patches are deployed as soon as possible," Symantec continued.
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
