36 matches found
BIT-GUACAMOLE-SERVER-2020-9497
Apache Guacamole 1.1.0 and older do not properly validate data received from RDP servers via static virtual channels. If a user connects to a malicious or compromised RDP server, specially-crafted PDUs could result in disclosure of information within the memory of the guacd process handling the...
Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm
Researchers have detailed what they call the "first successful attempt" at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content. "We were able to recover the master key for generating the file encryption key without the attacker's...
Mageia: Security Advisory (MGASA-2021-0272)
The remote host is missing an update for the...
Analyzing the REvil Ransomware Attack
Over the past year, there has been a rise in extortion malware, e.g. Nefilim and Darkside, which steal and threaten to publish sensitive data or encrypt it until a ransom is paid. Nowadays, cybercriminals use various techniques to gain their initial foothold within a network in the organization...
Updated guacd packages fix security vulnerabilities
Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain...
ALSA-2021:1849 Moderate: freerdp security, bug fix, and enhancement update
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. The following packages have been upgraded to a later upstream version: freerdp (2.2.0)...
Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data
Cybercriminals are vying for Remote Desktop Protocol (RDP) access, stolen payment cards and DDoS-for-Hire services, based on a recent analysis of underground marketplace pricing. During the COVID-19 pandemic, cybercriminals have profited with “increasingly advantageous positions to benefit from the...
Debian DLA-2435-1 : guacamole-server security update
The server component of Apache Guacamole, a remote desktop gateway, did not properly validate data received from RDP servers. This could result in information disclosure or even the execution of arbitrary code. CVE-2020-9497 Apache Guacamole does not properly validate data received from RDP serve...
[SECURITY] [DLA 2435-1] guacamole-server security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2435-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 06, 2020 https://wiki.debian.org/LTS -...
CVE-2020-9497
Apache Guacamole 1.1.0 and older do not properly validate data received from RDP servers via static virtual channels. If a user connects to a malicious or compromised RDP server, specially-crafted PDUs could result in disclosure of information within the memory of the guacd process handling the...
CVE-2020-9497
Apache Guacamole up to version 1.1.0 is affected by CVE-2020-9497 due to improper validation of data from RDP servers via static virtual channels, potentially allowing disclosure of memory in the guacd process when connecting to a malicious or compromised RDP server. Connected sources also refere...
CVE-2020-9497
Apache Guacamole 1.1.0 and older do not properly validate data received from RDP servers via static virtual channels. If a user connects to a malicious or compromised RDP server, specially-crafted PDUs could result in disclosure of information within the memory of the guacd process handling the...
Important: Red Hat Security Advisory: freerdp security update
An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
Ransomware Attack Takes Down Toll Group Systems, Again
Australian transportation and logistics giant Toll Group has been hit by a ransomware attack – for the second time in three months. The company said a relatively new form of ransomware known as Nefilim had targeted its systems. Toll Group, a subsidiary of Japan Post Holdings, is a freight and...
Low: Red Hat Security Advisory: freerdp and vinagre security, bug fix, and enhancement update
An update for freerdp and vinagre is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List
Cybersecurity researchers have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the BlueKeep flaw. BlueKeep is a highly-critical, wormable, remote code execution...
New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide
Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet. Dubbed GoldBrute, the botnet scheme has been designed in a way to escalate gradually by adding every new...
xDedic Hacked Servers Market May Be Larger Than Originally Thought
New data anonymously shared with Kaspersky Lab researchers may enlarge the scope of and provide additional context to the hacked RDP servers for sale on the now defunct xDedic marketplace. The underground marketplace was disclosed in a report published last Tuesday describing an eBay-style platfo...
Underground Market Selling Cheap Access to Hacked Servers
Criminals and advanced attackers for two years have had at their disposal an extensive trading platform selling access to hacked servers worldwide. For as little as $6 USD, attackers can purchase access to a compromised machine and launch attacks or get a one-time peek at all the data on a server...
Mandriva Linux Security Advisory : freerdp (MDVSA-2015:171)
Updated freerdp packages fix security vulnerabilities: Integer overflows in memory allocations in client/X11/xf_graphics.c in FreeRDP through 1.0.2 allow remote RDP servers to have an unspecified impact through unspecified vectors (CVE-2014-0250). Integer overflow in the license_read_scope_list...