#ssh

The Black Basta ransomware group is using advanced social engineering tactics and a multi-stage infection process to target organizations.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: MOBATIME Equipment: Network Master Clock - DTS 4801 Vulnerability: Use of Default Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take control of the operating system for this product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Network Master Clock - DTS 4801, a primary clock used to synchronize with secondary clocks, are affected: Network Master Clock - DTS 4801: FW Version 00020419.01.02020154 3.2 VULNERABILITY OVERVIEW 3.2.1 Use of Default Credentials CWE-1392 MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using default credentials. CVE-2024-12286 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2024-...

Identity security is all the rage right now, and rightfully so. Securing identities that access an organization’s resources is a sound security model. But IDs have their limits, and there are many use cases when a business should add other layers of security to a strong identity. And this is what we at SSH Communications Security want to talk about today. Let’s look at seven ways to add

The notorious spyware from Israel's NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants discovered in a threat scan of 3,500 mobile phones.

Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues to publicly extort victims. However, this person's identity may not remain a secret for long: A careful review of Kiberphant0m's daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.

Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site.

Aqua Nautilus researchers have discovered a campaign powering a series of large-scale DDoS attacks launched by Matrix, which…

PowerVR has an issue where PVRSRVAcquireProcessHandleBase() can cause psProcessHandleBase reuse when PIDs are reused.

Ubuntu Security Notice 7108-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the extension info message. An attacker able to intercept communications could possibly use this issue to downgrade the algorithm used for client authentication. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the user authentication request message. An attacker could possibly use this issue to control the remote end of an SSH client session via packet injection/removal and shell emulation.