Lucene search
K

116 matches found

The Hacker News
The Hacker News
added 2023/05/24 10:0 a.m.2 views

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services AWS credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with new capabilities such the ability to...

6.7AI score
Exploits0
Kitploit
Kitploit
added 2023/05/16 12:30 p.m.30 views

Cbrutekrag - Penetration Tests On SSH Servers Using Brute Force Or Dictionary Attacks. Written In C

Penetration tests on SSH servers using dictionary attacks. Written in C. brute krag means "brute force" in afrikáans Disclaimer This tool is for ethical testing purpose only. cbrutekrag and its owners can't be held responsible for misuse by users. Users have to act as permitted by local law rules...

7.3AI score
Exploits0References1
Prion
Prion
added 2023/04/25 9:15 p.m.11 views

Hardcoded credentials

Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...

4.4CVSS7.5AI score0.00381EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/04/25 8:40 p.m.23 views

CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing

Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...

7.5CVSS8AI score0.00381EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2023/03/02 11:39 a.m.60 views

New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers

Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. "Underpinning this campaign was the use of transfer.sh," Cado Security said in a report shared with The...

0.5AI score
Exploits0
hivepro
hivepro
added 2023/01/06 2:13 p.m.25 views

Linux Malware Using SHC Compiler Installs CoinMiner and DDoS Bots

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new strain of Linux malware, developed using the Shc compiler, has been found to install a CoinMiner on infected systems. It is believed that this malware is being spread through dictionary attacks on...

2.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/04 8:32 a.m.34 views

New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner

A new Linux malware developed using the shell script compiler shc has been observed deploying a cryptocurrency miner on compromised systems. "It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed o...

0.1AI score
Exploits0
HackRead
HackRead
added 2022/11/16 9:26 p.m.18 views

New RapperBot malware targets gaming servers with DDoS attacks

By Deeba Ahmed RapperBot malware is known for brute-forcing SSH servers that can accept password authentication. This is a post from HackRead.com Read the original post: New RapperBot malware targets gaming servers with DDoS attacks...

4.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2022/10/26 1:0 p.m.22 views

dhpcd: The Cryptominer That Hid for Four Years

Akamai Researchers have uncovered a long-running attack campaign attack targeting Linux SSH servers that has been running a monero cryptominer...

2.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/22 12:0 a.m.44 views

F5 Networks BIG-IP : OpenSSH vulnerability (K11315080)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K11315080 advisory. In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via...

5.3CVSS7AI score0.03681EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2022/08/07 4:29 a.m.55 views

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute...

1.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/01 5:36 a.m.243 views

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence...

9.8CVSS0.6AI score0.99999EPSS
Exploits110
Github Security Blog
Github Security Blog
added 2022/05/24 10:1 p.m.79 views

golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability

A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. An attacker can craft an authentication request message for the gssapi-with-mic method which will cause...

7.5CVSS7.4AI score0.03228EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/24 12:0 a.m.36 views

NULL Pointer Dereference

A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers...

7.5CVSS5.3AI score0.03228EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2022/04/25 8:38 p.m.35 views

GO-2021-0356 Denial of service via crafted Signer in golang.org/x/crypto/ssh

Attackers can cause a crash in SSH servers when the server has been configured by passing a Signer to ServerConfig.AddHostKey such that 1 the Signer passed to AddHostKey does not implement AlgorithmSigner, and 2 the Signer passed to AddHostKey returns a key of type “ssh-rsa” from its PublicKey...

7.5CVSS9.6AI score0.03931EPSS
Exploits0References4
OSV
OSV
added 2022/03/01 2:15 a.m.4 views

CVE-2022-24446

An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers and user information even if no SSH server or user is associated to the operator...

4.3CVSS5.8AI score0.00929EPSS
Exploits0References3
NVD
NVD
added 2022/03/01 2:15 a.m.38 views

CVE-2022-24446

An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers and user information even if no SSH server or user is associated to the operator...

4.3CVSS0.00929EPSS
Exploits0References3
Prion
Prion
added 2022/03/01 2:15 a.m.27 views

Design/Logic Flaw

An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers and user information even if no SSH server or user is associated to the operator...

3.5CVSS4.7AI score0.00929EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/03/01 2:1 a.m.90 views

CVE-2022-24446

The CVE-2022-24446 entry concerns Zoho ManageEngine Key Manager Plus 6.1.6, where a user with Operator privileges can view all SSH servers and related user information regardless of associations. The connected documents confirm the affected software and the underlying issue as an access-control w...

4.3CVSS4.6AI score0.00929EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/03/01 12:0 a.m.5 views

ZOHO ManageEngine Key Manager Plus 安全漏洞

ZOHO ManageEngine Key Manager Plus is a WEB-based SSH secret key management solution from ZOHO that helps you harden, control, manage, monitor and audit SSH keys across the entire lifecycle of the keys. It provides administrators with the ability to visualize SSH management, helping them to...

4.3CVSS5.1AI score0.00929EPSS
Exploits0References5
Rows per page
Query Builder