Interview with Craig Searle, discussing the new SolarWinds vulnerabilities discovered and Mark Lukie walks us through how scammers have turned to Bots and automation to avoid detection – PLUS its Safer Internet Day 2021 #SID2021
Craig has been in the cyber security industry for nearly two decades. He has built cyber security ventures from the ground up most recently seeing Hivint, a new kind of professional services business, exit to Trustwave, an Optus Company in 2018. He now runs Trustwave (Pacific) consulting and professional services. At Trustwave, Craig continues to build on his extensive experience in the development, management & execution of IT security advice and assurance activities within large organisations, including banking and finance, critical infrastructure, ASX200 organisations and government (both state and federal).
Two security vulnerabilities in SolarWinds Orion Platform (CVE-2021-25275 and CVE-2021-25274) and one vulnerability in SolarWinds Serv-U FTP for Windows (CVE-2021-25276). All three vulnerabilities are severe bugs, with the most critical one in SolarWinds Orion Platform (CVE-2021-25274) allowing remote code execution with high privileges.
Trustwave – SpiderLabs Blog: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/
Barracuda Threat Spotlight: https://blog.barracuda.com/2021/02/04/threat-spotlight-automated-attacks-on-web-applications/
Mark Lukie is the Engineer Manager for Asia Pacific and Japan at Barracuda Networks. He has more than 19 years of IT industry experience with deep skills in networking, cybersecurity, backup/disaster recovery, public cloud platforms and systems integration. Mark has been with Barracuda for more than nine years and has extensive knowledge on the company’s entire solution portfolio, including security, application delivery and data protection solutions. He is a member of the Barracuda Global Cloud Security Team, which focuses on security solutions for public cloud platforms such as Microsoft Azure, Amazon Web Services, VMware vCloud Air and Google Cloud Platform.
Mark’s qualifications include: Microsoft Certified Systems Engineer/Administrator (MCSE/MCSA), Certified Novel Administrator (CNA), Barracuda Application Delivery & Security Expert (ADSX) and Barracuda Certified Technician & Expert for NextGen Firewalls. #cybersecurity #mysecuritytv #solarwinds #botnets #botautomation #waf
Trustwave – SpiderLabs Blog: https://www.trustwave.com/en-us/resou…
Barracuda Threat Spotlight: https://blog.barracuda.com/2021/02/04…