More Critical Problems With SolarWinds

The security company Trustwave has informed SolarWinds about three more critical vulnerabilities in its software. The most critical SolarWinds vulnerability allows remote code execution with high privileges on the company’s Orion platform, which is used for IT management. The other two vulnerabilities can be exploited by someone with local access to take control of the SOLARWINDS_ORION database, which could allow an attacker to steal data or add a new user with admin-level privileges.

Hackers invested a lot of effort to ensure their code was properly inserted and remained undetected, prioritising operational security to avoid revealing their presence to SolarWinds developers. SolarWinds has released a patch to fix the security flaws, and neither company has yet found evidence that hackers had exploited the vulnerabilities.

These findings raise new questions about security at SolarWinds, which provides information technology software to government agencies and most Fortune 500 corporations. The potential damage, had the flaws been exploited, is hard to quantify. Theoretically, however, it could have resulted in the exposure of anything from consumer data to corporate and government secrets.

The SolarWinds hack first came to light in December when US cyber security firm FireEye said it had been breached by a “highly sophisticated” attack launched by a nation state with “top-tier offensive capabilities”. Nation-state hackers injected malicious code into software updates for Orion, which is used by organisations to monitor their computer networks for outages and problems.

Companies that installed the tainted Orion update unwittingly gave the hackers remote access to their networks, allowing them to steal information and possibly lay the groundwork for future attacks.

The US government has blamed Russian hackers for the SolarWinds cyber attack. Reuters also said that Chinese hackers independently exploited a different flaw in SolarWinds products last year.

Trustwave: NBC: CRN: Verdict: Computer Weekly
