HMMMMM...wasn’t it SolarWinds we were looking at a while ago - for the election???
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation: Microsoft
Software vendor SolarWinds failed to enable an anti-exploit mitigation available since the launch of Windows Vista 15 years ago, an oversight that made it easy for attackers to launch targeted malware attacks in July this year.
The missing mitigation was flagged by Microsoft in a post mortem of last month’s zero-day attack that hit businesses using the SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP products.
Microsoft originally shipped the mitigation, called ASLR (Address Space Layout Randomization), in Windows Vista back in 2006 as part of a larger plan to make it more difficult to automate attacks against the operating system.
However, according to Microsoft’s newly minted Offensive Research & Security Engineering team, SolarWinds developers failed to enable ASLR compatibility in some modules.
“Enabling ASLR is a simple compile-time flag. [It] is a critical security mitigation for services which are exposed to untrusted remote inputs, and requires that all binaries in the process are compatible in order to be effective at preventing attackers from using hardcoded addresses in their exploits, as was possible in Serv-U,” Microsoft said. moar...
Hmmmm...
FTP is standard [whole] database exchange protocol.
World-wide.
Like, if you have a database in Maricopa County and you want to send it to, say, Germany, the 2 servers would use FTP.
That exchange of DB would show on both routers with IP and MAC addresses.
Hacked you say?
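
The Microsoft statement quoted above says ASLR is a compile-time flag and that every binary in the process has to be compatible. The following is an added example, not part of the post or the quoted article, showing how a defender can read that flag from PE headers and list the modules that lack it. The module names and header bytes are constructed, and treating stripped relocations as defeating the flag is this example's own check.

```python
import struct

DYNAMIC_BASE = 0x0040      # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (linker /DYNAMICBASE)
HIGH_ENTROPY_VA = 0x0020   # IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA (64-bit ASLR)
RELOCS_STRIPPED = 0x0001   # IMAGE_FILE_RELOCS_STRIPPED: image cannot be rebased

def aslr_status(data: bytes) -> dict:
    """Read the ASLR-related flags from the PE headers of one image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ/PE image")
    (pe,) = struct.unpack_from("<I", data, 0x3C)           # e_lfanew
    opt = pe + 24                                          # signature (4) + COFF header (20)
    if opt + 72 > len(data) or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing or truncated PE header")
    (file_chars,) = struct.unpack_from("<H", data, pe + 22)
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):                        # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+.
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    dynamic = bool(dll_chars & DYNAMIC_BASE)
    stripped = bool(file_chars & RELOCS_STRIPPED)
    return {"dynamic_base": dynamic,
            "high_entropy_va": bool(dll_chars & HIGH_ENTROPY_VA),
            "relocs_stripped": stripped,
            "aslr_effective": dynamic and not stripped}

def non_aslr_modules(images: dict) -> list:
    """Names of images that leave fixed addresses in the process."""
    return sorted(n for n, d in images.items() if not aslr_status(d)["aslr_effective"])

def _sample_pe(dll_chars: int, file_chars: int = 0x2022) -> bytes:
    """Constructed header-only PE32+ image for the demo, not a real binary."""
    buf = bytearray(0x80 + 24 + 72)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)
    buf[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", buf, 0x80 + 22, file_chars)
    struct.pack_into("<H", buf, 0x80 + 24, 0x20B)
    struct.pack_into("<H", buf, 0x80 + 94, dll_chars)
    return bytes(buf)

# Constructed module set with hypothetical names.
SAMPLE = {"service.exe": _sample_pe(0x0160),
          "helper_a.dll": _sample_pe(0x0100),               # NX only, no DYNAMIC_BASE
          "helper_b.dll": _sample_pe(0x0040, 0x2023)}       # flag set, relocations stripped

if __name__ == "__main__":
    print("modules without effective ASLR:", non_aslr_modules(SAMPLE))
```

To audit a real service, pass `non_aslr_modules` a dict mapping each EXE and DLL the process loads to that file's bytes.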