MS Exchange Server Hits: Chilean banking regulator reports server compromise. 32 Indian organizations have been compromised.
SolarWinds Update: Per Bleeping Computer, Mimecast, a major email security provider, reported they were accessed via the Sunburst backdoor. The attackers accessed email and contact info, and took source code. Mimecast says it does not look like enough code was taken to do anything significant, but given the number of things that come to light post-compromise, I am pessimistic. Also note the abuse of certificates in the attack. Mimecast published an Incident Report with more details.
Trio of 15-year-old Linux bugs found, per Sophos
A security researcher at Grimm identified three bugs in the Linux kernel that fortunately are now patched and which no one else noticed in all this time. Read their report here. The bugs were in the iSCSI implementation, which isn’t something at the forefront anymore. However, as we know so well with Windows and older Linux libraries, age doesn’t matter. There are many components that have been around for years, even decades, in which major vulnerabilities are currently being identified. Some are critical, allowing for RCE and total system compromise. And with Linux systems, some of these kernel modules are configured to be automatically loaded by certain apps. Not to be overly dramatic, but there could be a ticking time bomb buried deep within the network.