Lucene search

Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack

🗓️ 04 May 2020 19:41:23Reported by Lindsey O'DonnellType

Hackers exploit critical flaw in Ghost's SaltStack infrastructure causing cryptojacking and widespread outages

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 146
Trend Micro Simply Security	This Week in Security News: How the Cybercriminal Underground Has Changed in 5 Years and the NSA Warns of New Sandworm Attacks on Email Servers	29 May 202012:27	–	trendmicroblog
Tenable Nessus	SUSE SLED15 / SLES15 Security Update : salt (SUSE-SU-2020:1150-1)	30 Apr 202000:00	–	nessus
Tenable Nessus	SaltStack < 2019.2.4 / 3000.x < 3000.2 Multiple Vulnerabilities	7 May 202000:00	–	nessus
Tenable Nessus	Photon OS 3.0: Salt3 PHSA-2020-3.0-0091	18 May 202000:00	–	nessus
Tenable Nessus	openSUSE Security Update : salt (openSUSE-2020-564)	4 May 202000:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : salt (SUSE-SU-2020:1151-1)	30 Apr 202000:00	–	nessus
Tenable Nessus	Photon OS 1.0: Salt PHSA-2020-1.0-0294	18 May 202000:00	–	nessus
Tenable Nessus	Debian DLA-2223-1 : salt security update	1 Jun 202000:00	–	nessus
Tenable Nessus	Photon OS 1.0: Salt3 PHSA-2020-1.0-0294	18 May 202000:00	–	nessus
Tenable Nessus	Ubuntu 14.04 LTS : Salt vulnerabilities (USN-6849-1)	26 Jun 202400:00	–	nessus

Source	Link
threatpost	www.threatpost.com/salt-bugs-full-rce-root-cloud-servers/155383/
threatpost	www.threatpost.com/salt-bugs-full-rce-root-cloud-servers/155383/
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-11652
github	www.github.com/saltstack/salt
threatpost	www.threatpost.com/newsletter-sign/
status	www.status.ghost.org/
lists	www.lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html
register	www.register.gotowebinar.com/register/5064791868226032141
register	www.register.gotowebinar.com/register/5064791868226032141

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 May 2020 19:23Current

9.3High risk

Vulners AI Score9.3

EPSS0.9439