The Canadian Centre for Cyber Security has issued a joint advisory with the FBI and other U.S. agencies about increasing attacks from "Truebot" malware., hackers are using a vulnerability in security software to access computer networks at organizations in Canada and the U.S. in order to steal sensitive data for financial gain.
"This vulnerability may permit an attacker to execute arbitrary code on a Netwrix Auditor system that is exposed to the internet, contrary to deployment best practices," Netwrix chief security officer Gerrit Lansing said in a statement to CTVNews.ca. "In turn, an attacker will be able to run enumeration attacks and conduct privilege escalation attempts in an infiltrated network. Both activities – enumeration and privilege escalation – are at the core of any cyber-attack.
Somayaji says that the very nature of the software and attack, known as a remote code execution, could give hackers access to entire computer systems and the type of sensitive data Netrix Auditor is designed to protect.