Travel-ex!

Show Notes

In this episode we study in detail, (apologies, Richard rambled!), the shocking story of the demise of Travelex due in no small part to a highly successful ransomware attack. We cover just how avoidable these incidents are by dealing with those pesky vulnerabilities!  And the drinking word this week sounds like you're already half-cut when you say it....

Show Notes:

1. Apple - iOS and iPadOS 14.4. - iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and the 7th generation iPod touch. Apple also issued security updates for one of the vulnerabilities across a range of its other offerings, including Apple Watch (watchOS 7.3) and Apple TVs (tvOS 14.4).

• CVE-2021-1782.  Attackers could use the application to gain additional privileges in the device’s operating system, which would allow them to wreak all kinds of havoc.
• CVE-2021-1871 and CVE-2021-1870, reside in the WebKit component, Apple’s open-source web browser engine used by the Safari browser, could be exploited by a remote attacker and allow them to execute arbitrary code.  Flaws could be exploited by “by persuading a victim to visit a specially crafted Web site.”

1. SolarWinds - Three new vulnerabilities in SolarWinds products. The vulnerabilities, which have been already been patched, included a remote code execution flaw in Orion that required only network access. That flaw allows hackers to use an improperly installed Microsoft Messaging Queue to send commands for a server to execute.
2. Linux sudo privilege escalation heap overflow vulnerability  - CVE-2021-3156  - A successful exploitation allows any unprivileged user to escalate its privileges to root on the vulnerable host. Since it’s a privilege escalation vulnerability, it requires access to a local user on the vulnerable host in order to actually exploit it.

The vulnerability affects all the following sudo versions:

• All legacy versions from 1.8.2 to 1.8.31p2
• All stable versions from 1.9.0 to 1.9.5p1