The revelation of a Chinese-controlled botnet is another warning to CISOs to keep asset management and patching up to date.

It also carries a warning to CISOs, as well as vendors, to exercise prudent patch control to protect their tools from being hijacked.

Included in the Integrity Tech botnet are devices from enterprise hardware manufacturers such as Cisco Systems (its Small Business Routers and Adaptive Security Appliances), Fortinet, and QNAP, as well as applications from software developers such as Microsoft (Windows), IBM (Tivoli and WebSphere Application Server), Atlassian (Confluence Data Center and Server), and Apache (applications with Log4j2 logging code).

Devices are highly compromised due to unpublished vulnerabilities. A number of experts have previously reported that network devices are being compromised because they no longer receive security patches from their manufacturers. In fact, the report notes that some devices and applications in the botnet have not received manufacturer support since 2016, and some affected devices were running Linux kernels as old as version 2.6, whose support ended in 2011.

