The Week In Review 01/02 – 05/02

Three new vulnerabilities were recently found in SolarWinds software, adding to the flaws already discovered in the now famous IT monitoring and management platform. They were judged to be serious because they could lead to a full server compromise. One of them, affecting the Orion implementation of Microsoft Message Queue (CVE-2021-25274), allows remote unauthorised access and gives the ability to run arbitrary code as LocalSystem. SolarWinds addressed these flaws a few days ago, but this might not be the last discovery, as many people continue to closely scrutinise the Texas-based company.

According to some researchers, the Hildegard malware, used by the cybercrime group TeamTNT, could become more threatening than it already is, as it is not yet mature. As a reminder, this malware was detected in January 2021 and is used to launch cryptojacking operations. However, researchers believe that it could lead to larger-scale cryptojacking attacks via Kubernetes environments, or could steal data from applications running in Kubernetes clusters. This will be a case to follow in the coming weeks and months.

Google released patches a few days ago after discovering a zero-day vulnerability, CVE-2021-21148. However, attackers were able to exploit this bug widely before the patches were applied. Chrome is the most popular web browser in the world, holding just over 56% of the market. Google advised its users to upgrade their browser as soon as possible. This news comes at the same time as the release of a research study showing that American office workers are highly vulnerable to cyber-attacks because they share too much personal information on social media. As a result, social engineering attacks are increasingly frequent and can lead to serious database breaches in sensitive fields such as healthcare. These cyber-attacks also remind us of the high impact of data breaches when they happen on sensitive websites. This is the case for the adult website EscortReviews.com, which saw its database leaked on forums across the dark web. Such breaches can have a serious impact on the reputation and image of exposed users and can lead to targeted blackmail or attacks.

Discover how resilient your organisation is to a cyber-attack, and how effective its response is, with Dionach’s Red Teaming engagement.

Read about all of this and more below:

New Malware Hijacks Kubernetes Clusters to Mine Monero.
(threatpost.com)

Most of the American office workers are vulnerable to cyber-attacks.
(cybersecurity-insiders.com)

Google patches an actively exploited Chrome zero-day.
(zdnet.com)

Multiple new flaws uncovered in SolarWinds software just weeks after high-profile supply chain attack.
(portswigger.net)

Female escort review site data breach affects 470,000 members.
(bleepingcomputer.com)