PYSEC-2024-33

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not expose...

Cybercriminals Target Alibaba Cloud for Cryptomining, Malware

Cybercriminals are targeting Alibaba Elastic Computing Service ECS instances, disabling certain security features to further their cryptomining goals. Alibaba offers a few unique options that make it a highly attractive target for attackers, researchers noted. Register now for our LIVE event!...

OpenELEC and RasPlex have a hard-coded SSH root password

Overview OpenELEC and derivatives utilize a hard-coded default root password, and enable SSH root access by default. Description CWE-259: Use of Hard-coded Password OpenELEC has a hard-coded root password. The root partition is by default read-only, preventing a user from changing the password on...

MusicDaemon 0.0.3 - Remote Denial of Service etcshadow Stealer (2)

MusicDaemon 0.0.3 - Remote Denial of Service etcshadow Stealer 2 / MusicDaemon Hello ...... bin::9797:0::::: ftp::9797:0::::: sshd::9797:0::::: ...... root@vortex:/test Server Side View: root@vortex:/test/musicdaemon-0.0.3/src ./musicd -c ../musicd.conf -p 1234 Using configuration: ../musicd.conf...