-
Microsoft says recent Windows 11 updates break SSH connections
Microsoft has confirmed that last month's Windows security updates are breaking SSH connections on some Windows 11 22H2 and 23H2 systems.
- November 09, 2024
- 11:27 AM
2
-
Critical Kubernetes Image Builder flaw gives SSH root access to VMs
A critical vulnerability in Kubernetes could allow unauthorized SSH access to a virtual machine running an image created with the Kubernetes Image Builder project.
- October 16, 2024
- 12:58 PM
2
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool
A new threat actor known as CRYSTALRAY has significantly broadened its targeting scope with new tactics and exploits, now counting over 1,500 victims whose credentials were stolen and cryptominers deployed.
- July 11, 2024
- 11:09 AM
- 0
-
Cisco warns of large-scale brute-force attacks against VPN services
Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide.
- April 16, 2024
- 12:11 PM
- 2
-
PuTTY SSH client flaw allows recovery of cryptographic private keys
A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation.
- April 16, 2024
- 11:01 AM
- 0
-
New SSH-Snake malware steals SSH keys to spread across the network
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure.
- February 21, 2024
- 02:03 PM
- 2
-
Nearly 11 million SSH servers vulnerable to new Terrapin attacks
Almost 11 million internet-exposed SSH servers are vulnerable to the Terrapin attack that threatens the integrity of some SSH connections.
- January 03, 2024
- 10:06 AM
- 0
-
Terrapin attacks can downgrade security of OpenSSH connections
Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used.
- December 19, 2023
- 12:03 PM
- 0
-
Researchers extract RSA keys from SSH server signing errors
A team of academic researchers from universities in California and Massachusetts demonstrated that it's possible under certain conditions for passive network attackers to retrieve secret RSA keys from naturally occurring errors leading to failed SSH (secure shell) connection attempts.
- November 19, 2023
- 10:01 AM
- 0
-
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families in attacks over the past year.
- September 26, 2023
- 05:11 AM
- 0
-
New proxyjacking attacks monetize hacked SSH servers’ bandwidth
Attackers behind an ongoing series of proxyjacking attacks are hacking into vulnerable SSH servers exposed online to monetize them through services that pay for sharing unused Internet bandwidth.
- June 30, 2023
- 02:47 PM
- 0
-
Hackers infect Linux SSH servers with Tsunami botnet malware
An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner.
- June 20, 2023
- 01:50 PM
- 3
-
Hackers use Azure Serial Console for stealthy access to VMs
A financially motivated cybergang tracked by Mandiant as 'UNC3944' is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines.
- May 16, 2023
- 08:57 PM
- 0
-
GitHub.com rotates its exposed private SSH key
GitHub has rotated its private SSH key for GitHub.com after the secret was was accidentally published in a public GitHub repository. The software development and version control service says, the private RSA key was only "briefly" exposed, but that it took action out of "an abundance of caution."
- March 24, 2023
- 04:33 AM
- 0
-
FIN7 hackers create auto-attack platform to breach Exchange servers
The notorious FIN7 hacking group uses an auto-attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size.
- December 22, 2022
- 08:00 AM
- 0
-
Hackers trojanize PuTTY SSH client to backdoor media company
North Korean hackers are using trojanized versions of the PuTTY SSH client to deploy backdoors on targets' devices as part of a fake Amazon job assessment.
- September 15, 2022
- 04:45 PM
- 7
-
New Linux malware brute-forces SSH servers to breach networks
A new botnet called 'RapperBot' has emerged in the wild since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers and then establishing persistence.
- August 04, 2022
- 12:22 PM
- 0
-
New ‘Lightning Framework’ Linux malware installs rootkits, backdoors
A previously undetected malware dubbed 'Lightning Framework' that targets Linux systems can be used to backdoor infected devices using SSH and deploy rootkits to cover the attackers' tracks.
- July 21, 2022
- 05:42 AM
- 0
-
New peer-to-peer botnet infects Linux servers with cryptominers
A new peer-to-peer botnet named Panchan appeared in the wild around March 2022, targeting Linux servers in the education sector to mine cryptocurrency.
- June 15, 2022
- 09:00 AM
- 0
-
Cisco Umbrella default SSH key allows theft of admin credentials
Cisco has released security updates to address a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA), allowing unauthenticated attackers to steal admin credentials remotely.
- April 21, 2022
- 04:16 AM
- 0
