'Solarwinds123'?
Two Guys and an Opinion
English - March 05, 2021 09:00 - 37 minutes - 26.1 MB
With the fallout of the SolarWinds breach continuing to grab the headlines, we discuss the concept of 'supply-chain compromise' and why it's such a favoured attack vector.
Also covered is the highly sophisticated zero-day exploit-chaining attack perpetrated by a Chinese state-sponsored group called HAFNIUM against on-premises MS Exchange servers.
Oh, and Richard craves a beer garden...
Show notes:
As mentioned in this episode, the critical MS Exchange CVEs are:
Also included in the out-of-band update were three additional remote code execution vulnerabilities in Microsoft Exchange. These additional vulnerabilities are not known to be part of the HAFNIUM-attributed threat campaign but should be remediated with the same urgency nonetheless:
CVE-2021-26412 (CVSS:3.0 9.1 / 8.2)
CVE-2021-26854 (CVSS:3.0 6.6 / 5.8)
CVE-2021-27078 (CVSS:3.0 9.1 / 8.2)