Security Newsletter
11 May 2020
Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability
Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert. Tracked as CVE-2020-11651 and CVE-2020-11652, the disclosed flaws could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments. The issues were fixed by SaltStack in a release published on April 29th.
Salt versions before 3000.2 and 2019.2.4 are vulnerable to CVE-2020-11651 and CVE-2020-11652. F-Secure disclosed the two vulnerabilities last week saying that “any competent hacker” would need less than 24 hours to develop a 100% reliable exploit. These organizations above are just a few examples of victims of the two Salt vulnerabilities published by F-Secure. Coin mining seems to be the main goal of the threat actor but more insidious payloads could be used instead.
With F-Secure's alert revealing more than 6,000 Salt vulnerable servers that can be exploited via this vulnerability, if left unpatched, companies are advised to update the Salt software packages to the latest version to resolve the flaws.
Read More on TheHackerNews
Even More on BleepingComputer
More #News
#Patch Time!
#Tech and #Tools
This content was created by Kindred Group Security. Please share if you enjoyed!
Kindred Group in brief
Kindred is one of the largest online gambling companies in the world with a diverse team of 1,600 people serving over 26 million customers across Europe, Australia and the US. We offer pre-game and live Sports betting, Poker, Casino and Games through 11 brands across our markets. We are committed to offer our customers the best deal and user experience possible, while ensuring a safe and fair gambling environment. Kindred is a pioneer in the online gambling industry and is an innovation driven company that builds on trust.
You can access the previous newsletters at
If you no longer wish to receive this newsletter, you can unsubscribe from this list.