More Critical Problems With SolarWinds

Uploaded on 2021-02-08 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The security company Trustwave has informed SolarWinds about three more critical vulnerabilities with their software. The most critical SolarWinds vulnerability allows remote code execution with high privileges of the company’s Orion platform, used for IT management. The other two vulnerabilities are exploitable by someone with local access to take control of the SOLARWINDS_ORION database, which could allow an attacker to steal data or add a new user with admin-level privileges. 

Hackers invested a lot of effort to ensure their code was properly inserted and remained undetected, prioritising operational security to avoid revealing their presence to SolarWinds developers. SolarWinds has released a patch to fix the security flaws, and neither company found has yet evidence that hackers had exploited the vulnerabilities.

These findings raise new questions about security at SolarWinds, which provides information technology software to government agencies and most Fortune 500 corporations. The potential damage, had the flaws been exploited, is hard to quantify. Theoretically, however, it could have resulted in the exposure of consumer data to corporate and government secrets.

The SolarWinds hack first came to light in December when US cyber security firm FireEye  said it had been breached by a “highly sophisticated” attack launched by a nation state with “top-tier offensive capabilities”. Nation-state hackers injected malicious code into software updates for Orion, which is used by organisations to monitor their computer networks for outages and problems.

Companies that installed the tainted Orion update unwittingly gave the hackers remote access to their networks, allowing them to steal information and possibly lay the groundwork for future attacks.

The US government has accused Russian hackers for the SolarWinds cyber attack. Also, Reuters said that Chinese hackers independently exploited a different flaw in SolarWinds products last year.

Trustwave:       NBC:      CRN:      Verdict:     Computer Weekly

You Might Also Read: 

Evidence Emerging About  Cyber Attacks On US Government:

 

 

« Myanmar’s New Military Rulers Block Facebook
Cloud Migration Challenges For Healthcare Organisations »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DKCERT

DKCERT

DKCERT (Danish Computer Security Incident Response Team) handles security incidents on forskningsnettet, the National Research and Education Network (NREN) in Denmark.

Tecnalia Research & Innovation

Tecnalia Research & Innovation

Tecnalia is the largest center of applied research and technological development in Spain, a benchmark in Europe and a member of the Basque Research and Technology Alliance.

Quantum Security Solutions (QSec)

Quantum Security Solutions (QSec)

QSec is an innovative information security consultancy based in Ghana. We can provide your organisation with information security products and services that assure against information risk.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

Solvere One

Solvere One

Solvere One is a managed service provider (MSP) focused on corporate consulting and partnership.

Iconium Software

Iconium Software

DataLenz by Iconium offers continuous and real-time tracking of your data assets delivering you the tools you need to successfully reach and maintain your target security standards.

Plex IT

Plex IT

Plex IT provides managed IT services to organisations along with managed security services.

Association of Azerbaijani Cyber Security Organizations (AKTA)

Association of Azerbaijani Cyber Security Organizations (AKTA)

The Association of Azerbaijani Cyber Security Organizations (AKTA) is a non-commercial organization aimed at strengthening the country's cybersecurity system.

GoodAccess

GoodAccess

GoodAccess is the cybersecurity platform that gives your business the security benefits of zero trust without the complexities so your users can securely access digital resources anytime, anywhere.

Verinext

Verinext

Verinext delivers transformative business technology, from intelligently automating time-consuming tasks and protecting data assets to securing infrastructure and improving customer experiences.

ZoobeTek

ZoobeTek

ZoobeTek are a company focused on preventing leaks related to the security of business information3.

Ingenics Digital

Ingenics Digital

Ingenics Digital is a recognized initiator and leading service provider in the areas of software development and embedded systems.

Seal Security

Seal Security

Seal Security revolutionizes software supply chain security operations, empowering organizations to automate and scale their open source vulnerability remediation and patch management.

DuckDuckGoose

DuckDuckGoose

DuckDuckGoose offer advanced solutions to protect against manipulated videos, images, voices and texts.

Afripol

Afripol

AFRIPOL was set up to strengthen cooperation between the police agencies of AU member states in the prevention and fight against organized transnational crime, terrorism, and cybercrime.

Simpson Associates

Simpson Associates

Simpson Associates is a Data Transformation and managed services provider that helps organisations gain valuable insights from their data and make better-informed decisions.