[SECURITY] Fedora 36 Update: shellz-1.5.0-7.fc36

Shellz is a small utility to track and control your ssh, telnet, web and cust om shells and tunnels...

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence...

ToddyCat exploits unknown vulnerability in Microsoft Exchange servers to targets entities in Europe and Asia

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary ToddyCat, an APT group is deploying web shells by exploiting an unknown vulnerability in the Microsoft Exchange Servers. They are initiating a multi-stage infection that aims at governmental bodies in Europe and...

Top Five Attacking IPs This Month: Their Locations May Not Be Where You Think

At Wordfence, we see large amounts of threat actor data, and often that data tells unexpected stories. Taking a look at just the top five attacking IP addresses over a 30 day period, you might be surprised to find out where these attacks are originating, and what they are doing. When most people...

Gshell - A Flexible And Scalable Cross-Plaform Shell Generator Tool

A simple yet flexible cross-platform shell generator tool. Name: GGreat Shell Description: A cross-platform shell generator tool that lets you generate whichever shell you want, in any system you want, giving you full control and automation. If you find this tool helpful, then please give me a...

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

Microsoft has warned that "multiple adversaries and nation-state actors" are making use of the recent Atlassian Confluence RCE vulnerability. A fix is now available for CVE-2022-26134. It is essential users of Confluence address the patching issue immediately. Confluence vulnerability: Background...

Contextual Code Execution

Description The main function uses the eval function which can lead to contextual code execution, allowing an attacker to gain access to a system and execute commands with the privileges of the running program by setting NUITKAPYTHONPATH, NUITKANAMESPACES or NUITKAPTHIMPORTED to a malicious paylo...

YODA Tool Found ~47,000 Malicious WordPress Plugins Installed in Over 24,000 Sites

As many as 47,337 malicious plugins have been uncovered on 24,931 unique websites, out of which 3,685 plugins were sold on legitimate marketplaces, netting the attackers $41,500 in illegal revenues. The findings come from a new tool called YODA that aims to detect rogue WordPress plugins and trac...

[SECURITY] Fedora 36 Update: shellz-1.5.0-6.fc36

Shellz is a small utility to track and control your ssh, telnet, web and cust om shells and tunnels...

[SECURITY] Fedora 34 Update: shellz-1.5.0-6.fc34

Shellz is a small utility to track and control your ssh, telnet, web and cust om shells and tunnels...

[SECURITY] Fedora 35 Update: shellz-1.5.0-6.fc35

Shellz is a small utility to track and control your ssh, telnet, web and cust om shells and tunnels...

New Incident Report Reveals How Hive Ransomware Targets Organizations

A recent Hive ransomware attack carried out by an affiliate involved the exploitation of "ProxyShell" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer's network. "The actor managed to achieve its malicious goals and encrypt the...

Fedora: Security Advisory for python-paramiko (FEDORA-2022-bb5c461682)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here APT35 aka Magic Hound, an Iranian-backed threat group, has begun using Microsoft Exchange ProxyShell vulnerabilities as an initial attack vector and to execute code through multiple web shells. The group has primarily targeted...

Moses Staff Hackers Targeting Israeli Organizations for Cyber Espionage

The politically motivated Moses Staff hacker group has been observed using a custom multi-component toolset with the goal of carrying out espionage against its targets as part of a new campaign that exclusively singles out Israeli organizations. First publicly documented in late 2021, Moses Staff...

Hackers Backdoored Systems at China's National Games Just Before Competition

Systems hosting content pertaining to the National Games of China were successfully breached last year by an unnamed Chinese-language-speaking hacking group. Cybersecurity firm Avast, which dissected the intrusion, said that the attackers gained access to a web server 12 days prior to the start o...

Mageia: Security Advisory (MGASA-2016-0328)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0314)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0005)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 34 Update: thefuck-3.32-1.fc34

This application corrects your previous console command. If you use BASH, you should add these lines to your .bashrc: alias fuck=3D'eval $thefuck $fc -ln -1; history -r' alias FUCK=3D'fuck' For other shells please check /usr/share/doc/thefuck/README.md...