Security
Headlines
HeadlinesLatestCVEs

Tag

#ssh

QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord

A new remote access trojan (RAT) called QwixxRAT is being advertised for sale by its threat actor through Telegram and Discord platforms. "Once installed on the victim's Windows platform machines, the RAT stealthily collects sensitive data, which is then sent to the attacker's Telegram bot, providing them with unauthorized access to the victim's sensitive information," Uptycs said in a new

The Hacker News
#web#mac#windows#auth#ssh#The Hacker News
CVE-2023-40293: Dude, It’s my Car: How to develop intimacy with your car !

Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.

Email Hacking Reigns as Top Cybersecurity Threat, Indusface Study

By Waqas The new study has identified a cybersecurity training gap and an alarming lack of preparedness in countering emerging threats. This is a post from HackRead.com Read the original post: Email Hacking Reigns as Top Cybersecurity Threat, Indusface Study

GHSA-hf7j-xj3w-87g4: 1Panel arbitrary file write vulnerability

# Summary An arbitrary file write vulnerability could lead to direct control of the server # Details ## Arbitrary file creation In the api/v1/file.go file, there is a function called SaveContentthat,It recieves JSON data sent by users in the form of a POST request. And the lack of parameter filtering allows for arbitrary file write operations.It looks like this: - Vulnerable Code ![微信图片_20230801092544](https://user-images.githubusercontent.com/136411443/257381095-4d7c014b-b699-4152-8b9d-2cc9399dfd85.png) # PoC - We can write the SSH public key into the /etc/.root/authorized_keys configuration file on the server. ![微信图片_20230801093243](https://user-images.githubusercontent.com/136411443/257381907-38784fab-77b9-47b9-a598-44ef7ad0b65c.png) - The server was successfully written to the public key ![微信图片_20230801093610](https://user-images.githubusercontent.com/136411443/257382468-b4836eee-f751-4b43-93ff-cb39fdc6c809.png) - Successfully connected to the target server using an SSH priv...

CVE-2023-39966: Release v1.5.0 · 1Panel-dev/1Panel

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, an arbitrary file write vulnerability could lead to direct control of the server. In the `api/v1/file.go` file, there is a function called `SaveContentthat,It `recieves JSON data sent by users in the form of a POST request. And the lack of parameter filtering allows for arbitrary file write operations. Version 1.5.0 contains a patch for this issue.

OpenSSH 9.4p1

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Red Hat Security Advisory 2023-4591-01

Red Hat Security Advisory 2023-4591-01 - Red Hat Update Infrastructure offers a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux instances. Issues addressed include bypass and denial of service vulnerabilities.

CVE-2023-38248: Adobe Security Bulletin

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Azure Serial Console Attack and Defense - Part 1

Ever had a virtual machine crash? Azure Serial console is a great way to directly connect to your Virtual machine and debug what went wrong. Azure Serial Console is a feature that’s available for free for everyone. While the primary intent of this feature is to assist users debug their machine, there are several interesting ways to abuse the features and compromise sensitive information.