LASER_oneXM

Level 36
Verified
Hackers kept busy this weekend exploiting vulnerable Salt instances used in various infrastructures for server management and automation.

Among the organizations that announced an intrusion are LineageOS, Vates (creators of open source Xen Orchestra), Ghost blogging platform, and DigiCert. Hundreds of servers, both masters and clients (minions) have likely been compromised at this point.

Bugs and exploit code are public

Salt versions before 3000.2 and 2019.2.4 are vulnerable to CVE-2020-11651 and CVE-2020-11652. F-Secure disclosed the two vulnerabilities last week saying that “any competent hacker” would need less than 24 hours to develop a 100% reliable exploit.
... ...
 

Antus67

Level 9
Verified
Lets face it its a never ending battle you have to be on your toes at all times and eyes in the back of your head to keep ahead of these exploits
 
Top