Security News

SSH-snake is an open-source worm that steals SSH private keys on compromised servers and uses them to move laterally to other servers while dropping additional payloads on breached systems. Previously, Sysdig identified roughly 100 CRYSTALRAY victims impacted by the SSH-Snake attacks and highlighted the network mapping tool's capabilities to steal private keys and facilitate stealthy lateral network movement.

The vulnerability, which is a signal handler race condition in OpenSSH's server, allows unauthenticated remote code execution as root on glibc-based Linux systems; that presents a significant security risk. This vulnerability, if exploited, could lead to full system compromise where an attacker can execute arbitrary code with the highest privileges, resulting in a complete system takeover, installation of malware, data manipulation, and the creation of backdoors for persistent access.

Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key. The security flaw impacts multiple versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR, which bundle and use PuTTY to make SSH connections from XenCenter to guest VMs when clicking the "Open SSH Console" button.

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH...

A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation. PuTTY is a popular open-source terminal emulator, serial console, and network file transfer application that supports SSH, Telnet, SCP, and SFTP. System administrators and developers predominantly use the software to remotely access and manage servers and other networked devices over SSH from a Windows-based client.

The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH...

A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. The worm searches for private keys in various locations, including shell history files, and uses them to stealthily spread to new systems after mapping the network.

Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted SSH keys stolen from developer systems on which they were installed. The...