**CENSORED** Worm Continues to Grow

Our HoneyPoints are still seeing an increase in the overall numbers of attacking systems exploiting the newest **CENSORED** vulnerability. The traffic has a destination port of TCP/4899.

Most sites should be filtering this port by now, but it seems some smaller organizations have not yet gotten the word about the problem.
Eastern Europe seems to be the home of more than a few systems scanning for this issue.

If you have not yet begun blocking this port, and are a **CENSORED** user who has not upgraded to date, then now would likely be a good time to implement blocks and inspect your exposed systems.

PS – I HAVE UPDATED THIS POSTING AS A RESULT OF A LETTER FROM THE VENDOR INVOLVED WHO REQUESTS THAT WE STOP USING THE TRADEMARKED NAME OF THEIR PRODUCT.

This entry was posted in General InfoSec by Brent Huston. Bookmark the permalink.

About Brent Huston

I am the CEO of MicroSolved, Inc. and a security evangelist. I have spent the last 20+ years working to make the Internet safer for everyone on a global scale. I believe the Internet has the capability to contribute to the next great leap for mankind, and I want to help make that happen!

Leave a Reply