Cyber security news for all


    Vulnerabilities in SaltStack Salt management allow attackers authorization controls

    The vulnerabilities allow attackers to bypass the authentication and authorization controls that govern access to the Salt implementations. An attacker could use these vulnerabilities to remotely execute code with root privileges on the master and ultimately on all minions connected to the master. Salt is open source software from SaltStack that is used in infrastructure and security automation solutions. It is a popular tool used to maintain data centers and cloud environments.

    Vulnerabilities Affect Salt Versions Which Basically Cover All Saltstack Implementations

    However, experienced attackers can also perform more effective attacks. For example, they can install back doors through which they can explore the network and then proceed to the theft of confidential data or a variety of other attacks that are specific to their goals.

    The security vulnerabilities affect Salt versions and older ones, which basically cover all Salt implementations that were in use before the SaltStack update released today. While attackers will find it more difficult to reach hosts hidden from the internet, they can still take advantage of the masters by accessing corporate networks in other ways.

    Saltstack Has Published Additional Instructions On How To Secure Salt Implementations

    The F-Secure researchers say that organizations should take advantage of Salt’s new update features to ensure future patches, as they become available. Companies with vulnerable should also use additional controls to restrict access to the salt master ports in standard configurations. On this basis, system administration can be treated like developer code, because the corresponding configuration files themselves can be maintained by classic version managers, which have already proven themselves in software development. In the next step, the configuration management software takes care that the previously defined state is executed on the server.

    Recent Articles

    The warning sent to employees about Tiktok app was a mistake says Amazon

    On Friday morning, Amazon sent out a memo to its employees, asking them to uninstall the popular social media app TikTok off their phone....

    Other Android phones sold in the US contains pre-installed malware

    There’s a discovery of Pre-installed malware on another phone by researchers from Malwarebytes; through the lifeline Assistance program for sale in the United States....

    About 15 billion stolen passwords and usernames sold on the dark web.

    A recent finding has shown that about 15 billion passwords and usernames are distributed on the dark web. This compromise will bring about credential...

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams...

    The slamming of undeletable Adware on Android users

    Researchers have discovered that about 14.8% of users of android phones that were targeted with mobile adware or malware the previous year have undeletable...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox