More Critical Problems With SolarWinds

Uploaded on 2021-02-08 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The security company Trustwave has informed SolarWinds about three more critical vulnerabilities with their software. The most critical SolarWinds vulnerability allows remote code execution with high privileges of the company’s Orion platform, used for IT management. The other two vulnerabilities are exploitable by someone with local access to take control of the SOLARWINDS_ORION database, which could allow an attacker to steal data or add a new user with admin-level privileges. 

Hackers invested a lot of effort to ensure their code was properly inserted and remained undetected, prioritising operational security to avoid revealing their presence to SolarWinds developers. SolarWinds has released a patch to fix the security flaws, and neither company found has yet evidence that hackers had exploited the vulnerabilities.

These findings raise new questions about security at SolarWinds, which provides information technology software to government agencies and most Fortune 500 corporations. The potential damage, had the flaws been exploited, is hard to quantify. Theoretically, however, it could have resulted in the exposure of consumer data to corporate and government secrets.

The SolarWinds hack first came to light in December when US cyber security firm FireEye  said it had been breached by a “highly sophisticated” attack launched by a nation state with “top-tier offensive capabilities”. Nation-state hackers injected malicious code into software updates for Orion, which is used by organisations to monitor their computer networks for outages and problems.

Companies that installed the tainted Orion update unwittingly gave the hackers remote access to their networks, allowing them to steal information and possibly lay the groundwork for future attacks.

The US government has accused Russian hackers for the SolarWinds cyber attack. Also, Reuters said that Chinese hackers independently exploited a different flaw in SolarWinds products last year.

Trustwave:       NBC:      CRN:      Verdict:     Computer Weekly

You Might Also Read: 

Evidence Emerging About  Cyber Attacks On US Government:

 

 

« Myanmar’s New Military Rulers Block Facebook
Cloud Migration Challenges For Healthcare Organisations »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Institute for National Security and Counterterrorism (INSCT)

Institute for National Security and Counterterrorism (INSCT)

INSCT is a center for the study of national security, international security, and counterterrorism. Research programs include New Frontiers in Science, Cyber, & Technology

Progress Flowmon

Progress Flowmon

Progress Flowmon (formerly Flowmon Networks) provide high performance network monitoring technology and behavior analytics to enhance network performance and deal with cyber threats.

Data Shepherd

Data Shepherd

Data Shepherds primary focus is to protect your business. We achieve this by offering extensive and unique expertise in innovative IT and Cyber security solutions.

Logz.io

Logz.io

Logz.io is an AI-powered log analysis platform that offers the open source ELK Stack as a enterprise-grade cloud service with machine learning technology.

NSHC

NSHC

NSHC is a provider of mobile security solutions, cyber security consulting and training, and offensive research.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Trusona

Trusona

Trusona is a pioneer and leader in passwordless two-factor authentication (2FA).

EMnify

EMnify

EMnify is a Software-as-a-Service (SaaS) company, revolutionizing cellular Internet of Things (IoT).

CHT Security

CHT Security

CHT Security is a Managed Security Service Provider (MSSP) specialized in cyber security technologies enabling enterprises to defense against cyber threats to networks, gateways and endpoints.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

Aryaka

Aryaka

Aryaka’s SmartServices offer connectivity, application acceleration, security, cloud networking and insights leveraging global orchestration and provisioning.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

BastionZero

BastionZero

BastionZero is leveraging cryptography to reimagine the tools used to manage remote access to servers, containers, clusters, applications and databases across cloud and on-prem environments.

watchTowr

watchTowr

Continuous Attack Surface Testing, with the watchTowr Platform. The future of Attack Surface Management.

Defence Innovation Accelerator for the North Atlantic (DIANA)

Defence Innovation Accelerator for the North Atlantic (DIANA)

The NATO DIANA accelerator programme is designed to equip businesses with the skills and knowledge to navigate the world of deep tech, dual-use innovation.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.