Outlaw cybergang attacking targets worldwide

Introduction In a recent incident response case in Brazil, we dealt with a relatively simple, yet very effective threat focused on Linux environments. Outlaw also known as "Dota" is a Perl-based crypto mining botnet that typically takes advantage of weak or default SSH credentials for its...

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers

Cybersecurity researchers have shed light on an "auto-propagating" cryptocurrency mining botnet called Outlaw aka Dota that's known for targeting SSH servers with weak credentials. "Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation ...

10-Year-Old 'RUBYCARP' Romanian Hacker Group Surfaces with Botnet

A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service DDoS, and phishing attacks. The group, believed to be active for at least 10 years, employs the botnet for financial gain,...

outlaw.com.au Improper Access Control vulnerability OBB-3782733

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

This Week in Security News: February 2020 Patch Tuesday Update and Misconfigured AWS S3 Bucket Leaks 36,000 Inmate Records

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the more than 140 February Patch Tuesday updates from Microsoft and Adobe. Also, read about how an unsecured and unencrypted...

Message Board / Threaded Discussion Forum SQL INJECTION

A R I A - S E C U R I T Y Message Board / Threaded Discussion Forum SQL INJECTION Vendor: http://www.codewidgets.com http://target.com/PATH/signin.aspx Username: admin Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net http://outlaw.aria-security.info...

Dependet Forums (Username Field) Remote SQL Injection

A R I A - S E C U R I T Y Dependet Forums Username Field RemotE SQL Injection DORK: Powered by: Dependent Forums v1.02 Insert Your SQL Injection Code into the Username field. For Example ' union select from members where member=1 Credits: Aria-Security Team http://aria-security.net...

mtg_myhomepage.txt

Aria-Security.net Advisory Discovered by: O.U.T.L.A.W Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: mtgmyhomepage Component For Mambo 4.5 Vendor : http://www.kamgaing.com/ Attack method: Remote File Inclusion Source: if fileexists...

contxtd.txt

Aria-Security.net Advisory Discovered by: O.U.T.L.A.W Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Components ContXTD Attack method: Remote File Inclusion Source: ensure this file is being included by a parent file / defined 'VALIDMOS' or die 'Direct Access to this location is not...

akoinclude.txt

Aria-Security.net Advisory Discovered by: O.U.T.L.A.W Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Ako Comments mod Attack method: Remote File Inclusion Source: Description: This module shows users' comments from component AkoComments. File Version: 1.1 for Mambo 4.5...

mosbot.txt

Aria-Security.net Advisory Discovered by: O.U.T.L.A.W Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Component - Display MOSBot Manager Attack method: Remote File Inclusion Source: includeonce "".$mosConfigabsolutepath."/administrator/components/". $componentdirectory ."/toolbar."...

Mambo Component - EstateAgent Remote File Inclusion

Aria-Security.net Advisory Discovered by: O.U.T.L.A.W www.Aria-security.net Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Component - EstateAgent Attack method: Source: Don't allow direct linking defined 'VALIDMOS' or die 'Direct Access to this location is not allowed.' ; requireon...

Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln

Aria-Security.net Advisory Discovered by: O.U.T.L.A.W www.Aria-security.net Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Component - Display MOSBot Manager Attack method: Remote File Inclusion Source: includeonce "".$mosConfigabsolutepath."/administrator/components/"...

mtg_myhomepage Component For Mambo R.F.I

Aria-Security.net Advisory Discovered by: O.U.T.L.A.W www.Aria-security.net Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: mtgmyhomepage Component For Mambo 4.5 Vendor : http://www.kamgaing.com/ Attack method: Remote File Inclusion Source: if fileexists...