116 matches found
Legion Malware Upgraded to Target SSH Servers and AWS Credentials
An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services AWS credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with new capabilities such the ability to...
Cbrutekrag - Penetration Tests On SSH Servers Using Brute Force Or Dictionary Attacks. Written In C
Penetration tests on SSH servers using dictionary attacks. Written in C. brute krag means "brute force" in afrikáans Disclaimer This tool is for ethical testing purpose only. cbrutekrag and its owners can't be held responsible for misuse by users. Users have to act as permitted by local law rules...
Hardcoded credentials
Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...
CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing
Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...
New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers
Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. "Underpinning this campaign was the use of transfer.sh," Cado Security said in a report shared with The...
Linux Malware Using SHC Compiler Installs CoinMiner and DDoS Bots
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new strain of Linux malware, developed using the Shc compiler, has been found to install a CoinMiner on infected systems. It is believed that this malware is being spread through dictionary attacks on...
New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner
A new Linux malware developed using the shell script compiler shc has been observed deploying a cryptocurrency miner on compromised systems. "It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed o...
New RapperBot malware targets gaming servers with DDoS attacks
By Deeba Ahmed RapperBot malware is known for brute-forcing SSH servers that can accept password authentication. This is a post from HackRead.com Read the original post: New RapperBot malware targets gaming servers with DDoS attacks...
dhpcd: The Cryptominer That Hid for Four Years
Akamai Researchers have uncovered a long-running attack campaign attack targeting Linux SSH servers that has been running a monero cryptominer...
F5 Networks BIG-IP : OpenSSH vulnerability (K11315080)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K11315080 advisory. In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via...
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute...
Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers
A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence...
golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. An attacker can craft an authentication request message for the gssapi-with-mic method which will cause...
NULL Pointer Dereference
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers...
GO-2021-0356 Denial of service via crafted Signer in golang.org/x/crypto/ssh
Attackers can cause a crash in SSH servers when the server has been configured by passing a Signer to ServerConfig.AddHostKey such that 1 the Signer passed to AddHostKey does not implement AlgorithmSigner, and 2 the Signer passed to AddHostKey returns a key of type “ssh-rsa” from its PublicKey...
CVE-2022-24446
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers and user information even if no SSH server or user is associated to the operator...
CVE-2022-24446
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers and user information even if no SSH server or user is associated to the operator...
Design/Logic Flaw
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers and user information even if no SSH server or user is associated to the operator...
CVE-2022-24446
The CVE-2022-24446 entry concerns Zoho ManageEngine Key Manager Plus 6.1.6, where a user with Operator privileges can view all SSH servers and related user information regardless of associations. The connected documents confirm the affected software and the underlying issue as an access-control w...
ZOHO ManageEngine Key Manager Plus 安全漏洞
ZOHO ManageEngine Key Manager Plus is a WEB-based SSH secret key management solution from ZOHO that helps you harden, control, manage, monitor and audit SSH keys across the entire lifecycle of the keys. It provides administrators with the ability to visualize SSH management, helping them to...