Microsoft Azure Flaws Open Admin Servers to Takeover

Researchers have disclosed two flaws in Microsoft’s Azure web hosting application service, App Services, which if exploited could enable an attacker to take over administrative servers. Azure App Services is an HTTP-based service for hosting web applications, and is available in both Microsoft...

CDRThief Malware Targets VoIP Gear in Carrier Networks

A malware dubbed CDRThief is targeting voice over IP VoIP softswitches inside the networks of large telecom carriers. According to ESET researchers, the malware was custom-developed to attack the Linknat VOS2009 and VOS3000 softswitches, which run on standard Linux servers. The code is capable of...

aaPanel Remote Code Execution Vulnerability

aaPanel is a simple but powerful control panel for Linux servers. A remote code execution vulnerability exists in aaPanel 6.6.6 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary commands via the Script Content box on the Add Cron Job interface...

New Kaiji Botnet Targets IoT, Linux Devices

A new botnet has been infecting internet of things IoT devices and Linux-based servers, to then leverage them in distributed denial-of-service DDoS attacks. The malware, dubbed Kaiji, has been written from scratch, which researchers say is “rare in the IoT botnet landscape” today. Kaiji, which wa...

CVE-2019-18897

A flaw was found in salt. A UNIX Symbolic Link Symlink Following vulnerability in some implementations of Linux servers allows local attackers to escalate privileges from user salt to root...

New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers

OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems. OpenSMTPD , also known as OpenBSD SMTP Server, is an open-source implementation of the Simple Mail Transf...

DDoS attacks in Q4 2019

News overview In the past quarter, DDoS organizers continued to harness non-standard protocols for amplification attacks. In the wake of WS-Discovery, which we covered in the previous report, cybercriminals turned to Apple Remote Management Service ARMS, part of the Apple Remote Desktop ARD...

Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers

Cybersecurity researchers have discovered a new critical vulnerability CVE-2020-7247 in the OpenSMTPD email server that could allow remote attackers to take complete control over BSD and many Linux based servers. OpenSMTPD is an open-source implementation of the server-side SMTP protocol that was...

New Muhstik Botnet Attacks Target Tomato Routers

A new variant of the Muhstik botnet has appeared, this time with scanner technology that for the first time can brute-force web authentication to attack routers using Tomato open-source firmware, researchers have found. Researchers at Palo Alto Networks’ Unit 42 discovered the new variant...

Veeam Backup & Replication Fails to Connect to Linux Servers Due to Firewall Configuration

Challenge Veeam Backup & Replication may fail to connect to some Linux servers depending on their firewall configuration. For example, distributions based on Debian, SLES, or RHEL have default firewall configurations that may block necessary connections. Cause Linux OS firewall configuration and/...

JShielder v2.4 - Hardening Script For Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark G

JSHielder is an Open Source Bash Script developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux...

BlueGhost - A Network Tool Designed To Assist Blue Teams In Banning Attackers From Linux Servers

This tool utilizes various linux network tools and bash scripting to assist blue teams on defending debian and ubuntu based servers from malicious attackers. Scan/Ban shows connected IPs, scans IP addresses for open ports using nmap and whois search to gather reconnaissance on connected IPs, show...

sshtron

This is a multiplayer Tron game accessible via SSH. The game is written in Go and uses the SSH protocol to allow multiple players to play together over a network. The game is designed to be played on a server, and players can connect to the server using SSH to play. The game uses a simple...

Remot3d v2.0 - Tool Created For Large Pentesters As Well As Just For The Pleasure Of Defacers To Control Server By Backdoors

Remot3d - A tool made to generate backdoor to control and exploit a server where the server runs the PHP Hypertext Preprocessor program. Equipped with a backdoor that has been Obfuscated which means that 100% FUD FULLY UNDETECTABLE in other words can penetrate the firewall of a server because of...

CentOS 7 : cockpit (CESA-2019:0482)

An update for cockpit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Moderate: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Cryptomining Malware Uninstalls Cloud Security Products

Researchers say they have discovered a unique malware family capable of gaining admin rights on targeted systems by uninstalling cloud-security products. Instances of the malicious activity are tied to coin-mining malware targeting Linux servers. Palo Alto Networks’ Unit 42, which published the...

PT-2022-7655 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: gpac versions prior to 1.1.0 Description: The issue is related to a null pointer dereference in the gpac multimedia platform. This can be exploited to cause a denial of service. The vulnerability is being actively exploited in the wild, with...

Aker - SSH Bastion/Jump Host/Jumpserver

Aker is a security tool that helps you configure your own Linux ssh jump/bastion host. Named after an Egyptian mythology deity who guarded the borders, Aker would act as choke point through which all your sysadmins and support staff access Linux production servers. Aker SSH gateway includes a lot...

Pyfiscan - Web-Application Vulnerability And Version Scanner

Pyfiscan is free web-application vulnerability and version scanner and can be used to locate out-dated versions of common web-applications in Linux-servers. Example use case is hosting-providers keeping eye on their users installations to keep up with security-updates. Fingerprints are easy to...