This article has been indexed from CSO Online
Security researchers demonstrated an attack chain against Nagios, a popular open-source IT management and monitoring solution, that combined multiple vulnerabilities to achieve remote code execution. The report highlights the privileged position that infrastructure monitoring software has inside networks and their potentially large attack surface since they need to talk to and collect information from many endpoints.
“The idea of vulnerabilities within monitoring software or other management or information aggregation services has been popularized by the recent attacks on SolarWinds, and it is important to assess such software and consider the possibility of compromise,” researchers from security firm GRIMM wrote in a detailed write-up of the Nagios attack they devised. “Any large network should be investing in both network monitoring and endpoint protection, but security should be considered in the deployment of these solutions.”
Read the original article: Update and isolate your Nagios servers now