
SolarWinds update: 4 more security vendors say they were targets
Mimecast, Palo Alto, Qualys and Fidelis. As expected, given time to go through DNS logs and networks, more companies are getting added to the SolarWinds net. Of note: both Mimecast and Palo Alto reported recent incidents that now tie back to the SolarWinds attackers. I’ll review this more in my SolarWinds section.
Decade-old Sudo bug found in Linux
Make your Sudo jokes – after you patch. The bug is a critical heap-based buffer overflow giving any local user root, as in TOTAL, access on a vulnerable system. This will be widespread because Sudo exists by default in almost all Linux systems. Qualys, who found the bug, have made a few exploits to demo it, including defeating the ASLR defence that is supposed to protect against these exploits.
Apple patches 3 0-days exploited in the wild
Deja vu. Remember back in November when this happened? Good news: there are patches so update! These are a race condition with privilege escalation and a WebKit flaw with RCE. Oh joy! Think daisy chaining flaws in targeted supply chain or cyber espionage attacks because it’s 2021 and SolarWinds. Amirite?