Security News

Citrix warns admins to manually mitigate PuTTY SSH client bug
2024-05-09 19:27

Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key. The security flaw impacts multiple versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR, which bundle and use PuTTY to make SSH connections from XenCenter to guest VMs when clicking the "Open SSH Console" button.

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services
2024-04-17 08:38

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH...

PuTTY SSH client flaw allows recovery of cryptographic private keys
2024-04-16 15:01

A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation. PuTTY is a popular open-source terminal emulator, serial console, and network file transfer application that supports SSH, Telnet, SCP, and SFTP. System administrators and developers predominantly use the software to remotely access and manage servers and other networked devices over SSH from a Windows-based client.

Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
2024-04-16 11:14

The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full...

Malicious SSH backdoor sneaks into xz, Linux world's data compression library
2024-03-29 21:58

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks
2024-02-22 11:07

A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH...

New SSH-Snake malware steals SSH keys to spread across the network
2024-02-21 19:03

A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. The worm searches for private keys in various locations, including shell history files, and uses them to stealthily spread to new systems after mapping the network.

Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
2024-01-23 14:19

Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted SSH keys stolen from developer systems on which they were installed. The...

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining
2024-01-10 15:15

A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. “The capabilities of the new botnet, NoaBot, include a...

Nearly 11 million SSH servers vulnerable to new Terrapin attacks
2024-01-03 15:06

Almost 11 million internet-exposed SSH servers are vulnerable to the Terrapin attack that threatens the integrity of some SSH connections. The Terrapin attack targets the SSH protocol, affecting both clients and servers, and was developed by academic researchers from Ruhr University Bochum in Germany.