Security News

Over the past several days, hackers have exploited two recently disclosed Salt vulnerabilities to compromise the servers of LineageOS, Ghost and DigiCert. Last week, F-Secure security researchers disclosed two vulnerabilities in Salt that could allow remote attackers to execute commands as root on "Master" and connected minions.

The open-source Salt management framework contains high-severity security vulnerabilities that allow full remote code execution as root on servers in data centers and cloud environments. "The ClearFuncs class also exposes the method prep auth info(), which returns the root key used to authenticate commands from the local root user on the master server. This root key can then be used to remotely call administrative commands on the master server. This unintentional exposure provides a remote un-authenticated attacker with root-equivalent access to the salt master."

A static analysis feature set to appear in GCC 10, which will catch common programming errors that can lead to security vulnerabilities, has scored an early win - it snared an exploitable flaw in OpenSSL. Bernd Edlinger discovered CVE-2020-1967, a denial-of-service flaw deemed to be a high severity risk by the OpenSSL team. While the flaw is an irritation - it's not remote-code execution but it can potentially hose servers and apps - programmers may be more interested in how it was uncovered.

BittWare, a Molex company, a leading supplier of enterprise-class FPGA accelerator products, is pleased to introduce the all new TeraBox 200DE edge server. Building upon the success of our market-leading range of TeraBox servers for the data center, the TeraBox 200DE enables world-class FPGA acceleration to be deployed in the more challenging, harsh environments demanded of edge applications.

VMware has fixed a critical vulnerability affecting vCenter Server, which can be exploited to extract highly sensitive information that could be used to compromise vCenter Server or other services which depend on the VMware Directory Service for authentication. vCenter Server is server management software for controlling VMware vSphere environments.

TLS 1.3: Slow adoption of stronger web encryption is empowering the bad guysTLS provides secure communication between web browsers, end-user facing applications and servers by encrypting the transmitted information, preventing eavesdropping or tampering attacks. Actively exploited MS Exchange flaw present on 80% of exposed serversAttackers aiming to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don't have to look hard to find a server they can attack.

VMware has patched a critical vulnerability that can be exploited to compromise vCenter Server or other services that rely on the Directory Service for authentication. The weakness impacts vCenter Server 6.7 on Windows and virtual appliances, and it has been patched with the 6.7u3f update.

Successfully conducting cross-platform attacks targeting Linux, Windows and Android devices, the adversaries have been engaged in both financially motivated and targeted espionage attacks. For years, these groups have been strategically targeting Linux servers across a broad range of industry verticals, exploiting the immature defensive coverage within the environment and the inadequate use of endpoint protection and endpoint detection and response products, BlackBerry notes.

Most networks these days make do with one IP number that's shared between all the computers on the local network, which make do with so-called "Private IP numbers" that are reserved for internal use only. Because TURN servers can broker traffic between arbitrary services on arbitrary computers, you don't need to add TURN code to every type of server you run, meaning that you can dedicate TURN servers entirely to their job of "Packet brokering".

Attackers looking to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don't have to look hard to find a server they can attack: according to an internet-wide scan performed by Rapid7 researchers, there are at least 315,000 and possibly as many as 350,000 vulnerable on-premise Exchange servers out there. Over 31,000 Exchange 2010 servers have not been updated since 2012.