Mimecast, Palo Alto, Qualys and Fidelis. As expected, given time to go through DNS logs and networks, more companies are getting added to the SolarWinds net. Of note: both Mimecast and Palo Alto reported recent incidents that now tie back to the SolarWinds attackers. I’ll review this more in my SolarWinds section.
Make your Sudo jokes – after you patch. The bug is a critical heap-based buffer overflow giving any local user root, as in TOTAL, access on a vulnerable system. This will be widespread because Sudo exists by default in almost all Linux systems. Qualys, who found the bug, have made a few exploits to demo it, including defeating the ASLR defence that is supposed to protect against these exploits.
Deja vu. Remember back in November when this happened? Good news: there are patches, so update! These are a race condition with privilege escalation and a WebKit flaw with RCE. Oh joy! Think daisy chaining flaws in targeted supply chain or cyber espionage attacks because it’s 2021 and SolarWinds. Amirite?