Cybercriminals are attacking the computer networks and systems of individuals, businesses and even global organizations at a time when cyber defences might be lowered due to the shift of focus to the health crisis.
Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert.
Tracked as CVE-2020-11651 and CVE-2020-11652, the disclosed flaws could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments. The issues were fixed by SaltStack in a release published on April 29th.
Two severe security flaws have been discovered in the open-source SaltStack Salt configuration framework that could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments. The vulnerabilities were identified by F-Secure researchers earlier this March and disclosed on Thursday, a day after SaltStack released a patch (version 3000.2) addressing the issues, rated with CVSS score 10.
“One being authentication bypass where functionality was unintentionally exposed to unauthenticated network clients, the other being directory traversal where untrusted input (i.e., parameters in network requests) was not sanitized correctly allowing unconstrained access to the entire filesystem of the master server.”
A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online.
Tokopedia is Indonesia’s largest online store, with 4,700 employees and over 90 million active users.
This weekend, data breach monitoring and cybersecurity intelligence firm Under the Breach discovered that a hacker was offering the account information for 15 million Tokopedia users on an online hacker forum.
Ransomware is arguably the most significant cybercrime innovation in recent history. The ransomware business model is so effective that it is now the most common and devastating threat to organizations of all sizes.