SolarWinds Says Unknown Hackers Exploited Newly Discovered Software Flaw

0
Loading...

SolarWinds software firm says that unknown hackers exploited a previously unknown flaw in two of its programmes to go after “a limited, targeted set of customers.”

The statement, issued over the weekend, did not identify the hackers involved.

In a question-and-answer page appended to the statement, SolarWinds said the flaw was “completely unrelated” to last year’s hack of government networks by alleged Russian spies, a sprawling espionage operation that used the Texas-based software company as a springboard to break into target networks.

Loading...

The page added that SolarWinds “is unaware of the identity of the potentially affected customers” caught up in the latest hacking campaign.

SolarWinds credited Microsoft researchers for finding the bug. The company said, “SolarWinds was recently notified by Microsoft of a security vulnerability related to Serv-U Managed File Transfer Server and Serv-U Secured FTP and have developed a hotfix to resolve this vulnerability. While Microsoft’s research indicates this vulnerability exploit involves a limited, targeted set of customers and a single threat actor, our joint teams have mobilised to address it quickly.

“The vulnerability exists in the latest Serv-U version 15.2.3 HF1 released May 5, 2021, and all prior versions. A threat actor who successfully exploited this vulnerability could run arbitrary code with privileges. An attacker could then install programmes; view, change, or delete data; or run programmes on the affected system.

Loading...

SolarWinds did not immediately return a Reuters request seeking comment on the announcement. Microsoft declined to comment.

© Thomson Reuters 2021


Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

Loading...

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Loading...

Read original article here

Denial of responsibility! TechAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Loading...

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More