More Critical Problems With SolarWinds

The security company Trustwave has informed SolarWinds about three more critical vulnerabilities in its software. The most critical SolarWinds vulnerability allows remote code execution with high privileges on the company’s Orion platform, used for IT management. The other two vulnerabilities are exploitable by someone with local access to take control of the SOLARWINDS_ORION database, which could allow an attacker to steal data or add a new user with admin-level privileges.

Hackers invested a lot of effort to ensure their code was properly inserted and remained undetected, prioritising operational security to avoid revealing their presence to SolarWinds developers. SolarWinds has released a patch to fix the security flaws, and neither company has yet found evidence that hackers had exploited the vulnerabilities.

These findings raise new questions about security at SolarWinds, which provides information technology software to government agencies and most Fortune 500 corporations. The potential damage, had the flaws been exploited, is hard to quantify. Theoretically, however, it could have resulted in the exposure of anything from consumer data to corporate and government secrets.

The SolarWinds hack first came to light in December when US cyber security firm FireEye said it had been breached by a “highly sophisticated” attack launched by a nation state with “top-tier offensive capabilities”. Nation-state hackers injected malicious code into software updates for Orion, which is used by organisations to monitor their computer networks for outages and problems.

Companies that installed the tainted Orion update unwittingly gave the hackers remote access to their networks, allowing them to steal information and possibly lay the groundwork for future attacks.

The US government has blamed Russian hackers for the SolarWinds cyber attack. Reuters has also reported that Chinese hackers independently exploited a different flaw in SolarWinds products last year.

Trustwave: NBC: CRN: Verdict: Computer Weekly
