
Turns out some servers with Supermicro motherboards have hard-coded, plain-text passwords that can be accessed by remote, unauthenticated attackers. A firmware update is available to remediate the issue; however, over 30,000 servers remain at risk.

Just how serious is this security flaw?

Listen to episode 157 of our Security Slice podcast and hear Craig Young and Tyler Reguly give an overview of the vulnerability and discuss why it’s your fault if you are still vulnerable, mitigation strategies, and the beneficial effects of public disclosure.




Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.


The Executive’s Guide to the Top 20 Critical Security Controls

Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].


Title image courtesy of ShutterStock