Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security IT

2 Vulnerabilities With 9.8 Severity Ratings Are Under Exploit. A 3rd Looms 9

Malicious hackers, some believed to be state-backed, are actively exploiting two unrelated vulnerabilities -- both with severity ratings of 9.8 out of a possible 10 -- in hopes of infecting sensitive enterprise networks with backdoors, botnet software, and other forms of malware. ArsTechnica: The ongoing attacks target unpatched versions of multiple product lines from VMware and of BIG-IP software from F5, security researchers said. Both vulnerabilities give attackers the ability to remotely execute malicious code or commands that run with unfettered root system privileges. The largely uncoordinated exploits appear to be malicious, as opposed to benign scans that attempt to identify vulnerable servers and quantify their number.
This discussion has been archived. No new comments can be posted.

2 Vulnerabilities With 9.8 Severity Ratings Are Under Exploit. A 3rd Looms

Comments Filter:
  • Obviously anyone affected by these is stupid unless they have backups, then no harm is done and everything is fine!!1
    • by Anonymous Coward

      Obviously anyone affected by these is stupid unless they have backups, then no harm is done and everything is fine!!1

      Backups don't prevent attackers from leaking private information. Look at EpikFail [wikipedia.org] for example.

    • Re: (Score:3, Insightful)

      by Virtucon ( 127420 )

      Stealing state secrets, financial resources, or technology isn't covered under "backups."

      • Stealing state secrets, financial resources, or technology isn't covered under "backups."

        Posting to undo mistaken moderation.

  • by Anonymous Coward

    Seems to me like F5 seems to historically have these happening kinda often considering that their product isn't nearly as complex as an OS.

  • What is that supposed to gain them, exactly? The contents will just be public keys.

    I suppose they *might* get the email address for an admin that could be used for further social engineering attempts...

    • Re: (Score:3, Insightful)

      by codebase7 ( 9682010 )
      If only. Many of these have SSO integrations. Even for service accounts. So simply logging in or gaining the ability to execute code gives access to a crap ton of other things.

      Plus if you are breaking into a hypervisor host, you gain the ability to write to the VM storage. Which means you can place whatever you want in the guest OS with full rights and without tripping any security in the guest. If done to a cloud provider, you've just compromised every single firm they do business with for free.

      INB4: "Bu

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...