Actively exploited vulnerability gives extraordinary control over server fleets
Hackers are exploiting a maximum-severity vulnerability that has the potential to give them complete control over thousands of servers, many of which handle mission-critical tasks inside data centers, the US Cybersecurity and Infrastructure Security Agency is warning.
The vulnerability, carrying a severity rating of 10 out of a possible 10, resides in the AMI MegaRAC, a widely used firmware package that allows large fleets of servers to be remotely accessed and managed even when power is unavailable or the operating system isn't functioning. These motherboard-attached microcontrollers, known as baseboard management controllers (BMCs), give extraordinary control over servers inside data centers.
Administrators use BMCs to reinstall operating systems, install or modify apps, and make configuration changes to large numbers of servers without physically being on premises and, in many cases, without the servers being turned on. Successful compromise of a single BMC can be used to pivot into internal networks and compromise all other BMCs.


Comments
If your BMC is not already firewalled from the internet, you fucked up.
Whodda have thought that possible. I'm shocked (not really) - but not surprised. At all.
Will anything change, will BMCs become safer? Nope, but the PR squadrons will spill a lot of nonsense and blabla over us.
But don't worry, AI will save us *LOL
I smell an entire new security sub-industry spawning.
@NDTN @crunchbits @SolidSeoVPS @dustinc are my preferred providers. I run everything from test to production with them.
Team - are we safe?
So that's why I got an email with a software update from Supermicro this morning.
Either way. When we had servers, BMC was on its own firewalled network.
I wish Supermicro would include update notes in those notifications -- or at least a security warning. Hard to know if it's important or not, especially when they advise not to flash unless something is broken.
Yes. And management systems like this should be firewalled off so only bona fide sysadmins have access to that network.
Otherwise, all it takes is one rogue employee from the field office in West Undershirt, MT or one compromised-by-email PC or one random guest network laptop in the parking lot and you're still vulnerable.