Cloud servers hacked via critical SaltStack vulnerabilities
Attackers are exploiting two critical vulnerabilities disclosed late last week in the popular SaltStack infrastructure automation software to take control of servers. Several organizations and open-source projects already had their servers hacked and had to shut down services over the weekend.
[ Keep up with 8 hot cyber security trends (and 4 going cold). Give your career a boost with top security certifications: Who they’re for, what they cost, and which you need. | Sign up for CSO newsletters. ]
The attacks began a couple of days after the vulnerabilities were publicly disclosed without a proof-of-concept exploit being available, highlighting that IT operations teams have very little time to react when flaws become known and should increasingly rely on automated patching.
Source:: IT news – Security