I read the article and clicked on the link to the Krebs on security site. Based on that site, which may or may not be correct, it's saying that the potential BMC product is BMC Performance Assurance Agent. Since this isn't a part of Remedy I really have no idea how it works and if there is a back door or if it was installed and they forgot to change a default password.
In any case, it's not Remedy, so that's a good thing. Thanks, Shawn Pierson Remedy Developer | Energy Transfer -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Jeff Lockemy Sent: Thursday, January 30, 2014 7:23 AM To: [email protected] Subject: OT: Target Attack and BMC Software ITSM? This news article hit today... http://www.startribune.com/business/242688511.html It says that a default password in a BMC ITSM product may have contributed to the target attack. Jeff Jeff Lockemy Lead Engineer, NAVY 311 Enterprise Service Management PMW-240 ITIL V3 Foundation Certified QMX Support Services Inc. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years" Private and confidential as detailed here: http://www.energytransfer.com/mail_disclaimer.aspx . If you cannot access the link, please e-mail sender. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
