We noticed you're blocking ads.

Keep supporting great journalism by turning off your ad blocker.

Questions about why you are seeing this? Contact us

Font Size

- Aa +

Mon 23 Feb 2009 09:59 AM

Font Size

- Aa +

Symantec denies recent hack claim

Says ethical hacker based report on error message and that there was no security vulnerability involved

Symantec has hit back on claims that its EMEA site was the recent target of a successful hack attack, stating that there was no security vulnerability involved.As soon as the news broke, Symantec took down the site and conducted its own tests to determine that the “individual who reported it based the report on an error message”.

The company added that no company or customer information was exposed in the incident.

In response to the ethical hacker’s claims that he used a blind SQL injection to access the security vendor’s database, Symantec posted a note on the HackersBlog site to state that: “Upon thorough investigation, we have determined that the Blind SQL Injection is, in fact, not effective. The difference in response between valid and injected queries exists because of inconsistent exception handling routine for language options.”

In a generous move, Symantec thanked the hacker, identified only as unu, for notifying them about the issue.

HackersBlog, in response, stated that they “appreciate and support this type of response from a company, more so a vendor! This could help other organisation see and understand that the best way to approach things is by open communication and dialog.”

Arabian Business: why we're going behind a paywall

For all the latest tech news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.