GreyKeep Security

Expert security for an evolving digital age

Cybersecurity Daily: August 9, 2023

· ·

GreyKeep Cybersecurity Daily News

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for Wednesday, August 9, 2023.

Advisories

[Read more…] about Cybersecurity Daily: August 9, 2023

Security Researchers Repurpose Amazon SSM Agent as a Remote Access Trojan

· ·

Laptop computer displaying AWS logo

Security researchers at Mitiga have discovered a technique for using AWS Systems Manager (SSM) Agent as a remote access trojan (RAT). The technique allows for persistent command and control of a compromised host by an attacker from within another AWS account.

SSM Agent is software that allows administrators to configure, manage, and update AWS resources through the Systems Manager service. It can be installed on a various systems, including Amazon Elastic Compute Cloud (EC2) instances, edge devices, on-premises servers, and virtual machines.

[Read more…] about Security Researchers Repurpose Amazon SSM Agent as a Remote Access Trojan

Cybersecurity Daily: August 3, 2023

· ·

GreyKeep Cybersecurity Daily News

Your dose of relevant cybersecurity advisories, industry news, and product updates for Thursday, August 3, 2023.

Advisories

[Read more…] about Cybersecurity Daily: August 3, 2023

Over 640 Citrix Servers Compromised Using RCE Vulnerability

· ·

Citrix logo

Attackers are actively exploiting a code injection vulnerability in Citrix Netscaler ADC and Gateway servers to gain remote access and exfiltrate data. The remote code execution (RCE) vulnerability is being tracked under CVE-2023-3519.

Security researchers from the non-profit Shadowserver Foundation estimate attackers have used the vulnerability to deploy web shells on at least 640 Citrix servers, with thousands of unpatched servers potentially impacted.

[Read more…] about Over 640 Citrix Servers Compromised Using RCE Vulnerability

GameOver(lay) Vulnerabilities in Ubuntu May Affect 40% of Cloud Users

· ·

Ubuntu Linux command line prompt
Photo by Gabriel Heinzer

Two privilege escalation vulnerabilities, collectively called GameOver(lay), may affect 40% of cloud workloads running on Ubuntu. The GameOver(lay) vulnerabilities were discovered by security firm Wiz and jointly reported by The Hacker News.

The vulnerabilities were reported under CVE-2023-32629 and CVE-2023-2640 and only affect Ubuntu kernels.

[Read more…] about GameOver(lay) Vulnerabilities in Ubuntu May Affect 40% of Cloud Users

How can we help you become more secure? Contact Us