Turns out some servers with Supermicro motherboards have hard-coded, plain-text passwords that can be accessed by remote, unauthenticated attackers. A firmware update is available to remediate the issue, but over 30,000 servers remain at risk.
Just how serious is this security flaw?
Listen to episode 157 of our Security Slice podcast and hear Craig Young and Tyler Reguly give an overview of the vulnerability and discuss why it’s your fault if you are still vulnerable, mitigation strategies, and the beneficial effects of public disclosure.