Daily Perk 1/27/21

SolarWinds update: 4 more security vendors say they were targets

Mimecast, Palo Alto, Qualys and Fidelis. As expected, given time to go through DNS logs and networks, more companies are getting added to the SolarWinds net. Of note: both Mimecast and Palo Alto reported recent incidents that now tie back to the SolarWinds attackers. I’ll review this more in my SolarWinds section.

Decade-old Sudo bug found in Linux

Make your Sudo jokes – after you patch. The bug is a critical heap-based buffer overflow giving any local user root, as in TOTAL, access on a vulnerable system. This will be widespread because Sudo exists by default in almost all Linux systems. Qualys, who found the bug, have made a few exploits to demo it, including one that defeats the ASLR defence that is supposed to protect against these exploits.

Apple patches 3 0-days exploited in the wild

Deja vu. Remember back in November when this happened? Good news: there are patches, so update! These are a race condition with privilege escalation and a WebKit flaw with RCE. Oh joy! Think daisy-chaining flaws in targeted supply chain or cyber espionage attacks because it’s 2021 and SolarWinds. Amirite?
