2 Vulnerabilities With 9.8 Severity Ratings Are Under Exploit. A 3rd Looms
Malicious hackers, some believed to be state-backed, are actively exploiting two unrelated vulnerabilities -- both with severity ratings of 9.8 out of a possible 10 -- in hopes of infecting sensitive enterprise networks with backdoors, botnet software, and other forms of malware. ArsTechnica: The ongoing attacks target unpatched versions of multiple product lines from VMware and of BIG-IP software from F5, security researchers said. Both vulnerabilities give attackers the ability to remotely execute malicious code or commands that run with unfettered root system privileges. The largely uncoordinated exploits appear to be malicious, as opposed to benign scans that attempt to identify vulnerable servers and quantify their number.
Backups??? (Score:1)
Re: (Score:1)
Obviously anyone affected by these is stupid unless they have backups, then no harm is done and everything is fine!!1
Backups don't prevent attackers from leaking private information. Look at EpikFail [wikipedia.org] for example.
Re: (Score:3, Insightful)
Stealing state secrets, financial resources, or technology isn't covered under "backups."
Re: (Score:2)
Stealing state secrets, financial resources, or technology isn't covered under "backups."
Posting to undo mistaken moderation.
You had one job F5 ... (Score:1)
Seems to me like F5 seems to historically have these happening kinda often considering that their product isn't nearly as complex as an OS.
cat /var/ssh/root/authorized_keys (Score:2)
What is that supposed to gain them, exactly? The contents will just be public keys.
I suppose they *might* get the email address for an admin that could be used for further social engineering attempts...
Re: (Score:3, Insightful)
Plus if you are breaking into a hypervisor host, you gain the ability to write to the VM storage. Which means you can place whatever you want in the guest OS with full rights and without tripping any security in the guest. If done to a cloud provider, you've just compromised every single firm they do business with for free.
INB4: "Bu