When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Symantec: More Patched Systems, Fewer Potential Victims

Symantec on Monday said that while worm-scanning activity against its corporate antivirus software had increased over the weekend, the number of infected systems had dropped. According to the security company's own DeepSight sensor network, scanning activity on TCP port 2967 is up. That scanning, said Symantec, is thought to originate with what it calls the "Sagevo" worm, also known as "Big Yellow."

"We're seeing a decrease in the number of unique IP addresses," says Vincent Weafer, senior director with Symantec's security response team. "But we're seeing more scanning activity. That actually makes sense, because as there are fewer unpatched systems, the remaining [infected systems] send out even more scans looking for a target. It eventually reaches a saturation [point]." The number of IP addresses associated with port 2967 scanning has fallen off 80% since late last week, Weafer said.

View: The full story
News source: CRN

Report a problem with article
Next Article

PowerColor to launch passively cooled X1950 Pro and XT cards

Previous Article

Samsung's Plan for Terabit Flash Memory

Join the conversation!

Login or Sign Up to read and post a comment.

6 Comments - Add comment