And here comes another issue of the Sunday Weekly… On Mondays! I know it has been a while since the last update. I have been busy with lots of things, but I will do my best to, at least, keep the weekly posts. Thanks for reading!
I guess you have heard about the SolarWinds hack. If not, which I strongly doubt, I recommend reading this. That said, the latest update is the following: if you do not know who to blame for this big issue, blame the intern. Seriously, that is what this guy said in the Hearing for the Oversight and Homeland Security:
I believe that was a password that an intern used on one of his…servers back in 2017 which was reported to our security team and it was immediately removed.
If you do not believe me, watch this video:
Of course, I’m afraid I have to strongly disagree with blaming the user. This is like phishing emails; you cannot blame the users for clicking malicious links. They honestly thought the email from HR was legit, so they clicked. What you need to do is train the users to detect phishing emails. So for the passwords, it is the same. You need to teach your users, interns included, define safe passwords, basic rules, and keep reminding them that. So this is a clear management failure.
Finally, if you use VMWare ESXi and have VSphere, please, do check this advisory from VMWare. A CVSS of 9.8. It would allow a bad actor to access your VSphere console with admin privileges. There is a Proof of Concept available; therefore, I repeat, patch as soon as possible, and while you prepare, at least put in place the workarounds proposed.
That’s all for now! Remember to follow me on Twitter and, as usual, stay safe!