🚨 RegreSSHion vulnerability detected! 🚨 The Qualys Threat Research Unit (TRU) has identified a severe Remote Unauthenticated Code Execution (RCE) flaw in OpenSSH's server. CVE-2024-6387, named "regreSSHion," is a vulnerability discovered in OpenSSH's server (sshd) on glibc-based Linux systems. This flaw allows threat actors to run code remotely with root privileges. This flaw affects OpenSSH versions 8.5p1 to 9.8p1, allowing attackers to potentially compromise affected systems completely. It potentially compromises over 14 million OpenSSH instances, with around 700,000 directly exposed to the internet. Our vulnerability management service, SmartScan, is currently helping clients tackle vulnerabilities of this magnitude. It can swiftly identify issues and provide the necessary remedial actions. If you want to learn more about SmartScan, get in touch here 👉 https://lnkd.in/eU7heD49 #VulnerabilityManagement #CyberSecurity #RiskManagement
Cognisys’ Post
More Relevant Posts
-
🚨 Breaking Security News: regreSSHion Vulnerability Alert! 🚨 The Qualys Threat Research Unit (TRU) has uncovered a critical Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH's server. This vulnerability allows attackers to execute code remotely as root. This is a significant threat, and our dedicated SmartScan team is on the front lines, proactively scanning for vulnerable software versions across the estate. Leveraging our internal tool, Tiberius, our SmartScan team has swiftly identified and started the remedial action. SmartScan is our managed vulnerability service that helps you stay ahead of potential threats, keeping your systems secure and resilient. Reach out to me if you want to know more 🔐 #CyberSecurity #VulnerabilityManagement #SmartScan #QualysTRU #regreSSHion #InfoSec #RCE #OpenSSH #ProactiveSecurity
SmartScan
https://cognisys.co.uk
To view or add a comment, sign in
-
A critical vulnerability, has been identified in Fluent Bit, an open-source log processor and forwarder widely used across major cloud providers. This flaw enables remote attackers to execute arbitrary code on affected systems, posing significant security risks. All major versions of Fluent Bit are impacted, necessitating immediate remediation to mitigate potential exploitation. The vulnerability allows adversaries to gain unauthorized access and control, which can lead to severe disruptions in cloud environments. Cybersecurity researchers discovered this flaw and have highlighted the critical need for swift patching. Major cloud service providers such as AWS, Google Cloud, and Microsoft Azure have acknowledged the vulnerability and are urging users to update their Fluent Bit installations.
To view or add a comment, sign in
-
🚨 Critical Alert for Cloud Security! 🚨 A severe vulnerability in Fluent Bit, a widely-used logging solution across major cloud providers like AWS, Google Cloud, and Azure, could allow denial-of-service and remote code execution attacks. This flaw, identified as CVE-2024-4323, impacts all major platforms. Users are advised to update to Fluent Bit 3.0.4, which contains the necessary patches. Until then, mitigate risks by limiting access to Fluent Bit's monitoring API. #CloudSecurity #CyberSecurity #FluentBit #Vulnerability #CloudProviders #AWS #GoogleCloud #Azure #InfoSec #SecurityAlert #TechNews #UpdateNow #PatchManagement https://lnkd.in/eDgq_hCe
Critical Fluent Bit flaw impacts all major cloud providers
bleepingcomputer.com
To view or add a comment, sign in
-
Tenable Research uncovered a critical remote code execution (RCE) vulnerability in Google Cloud Platform services, called "CloudImposer," potentially endangering millions of servers. The flaw stems from a supply chain weakness known as dependency confusion, allowing attackers to insert malicious code into cloud services. Tenable's findings highlight the immense risks of cloud-based supply chain attacks and the urgent need for enhanced security measures. Google has since patched the issue. Read more on: https://lnkd.in/gEU_7NwA
To view or add a comment, sign in
-
All cloud major providers vulnerable, do you even know if they patch ? When they patch ? If they got hacked ? No, and you won't, welcome to the #clowd "Critical Fluent Bit flaw impacts all major cloud providers" ⚠ A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud providers and many technology giants. cloud=leak #cybersecurity failure is the normal state of cloud #cloud https://lnkd.in/erAU8Rdr
Critical Fluent Bit flaw impacts all major cloud providers
bleepingcomputer.com
To view or add a comment, sign in
-
Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. https://lnkd.in/dXZWf8_S #infosec #cybersecurity #pentest #pentesting #hacking #hackers #windows
Cloud Forensics (W56) - Digital Forensics Course Online - eForensics
https://eforensicsmag.com
To view or add a comment, sign in
-
Considerations for a Successful Azure Application Security Program https://lnkd.in/epsVFhGb
Considerations for a Successful Azure Application Security Program
https://www.cybersecurity-insiders.com
To view or add a comment, sign in
-
A multi-homed configuration refers to the practice of connecting a server to multiple networks or Internet Service Providers (ISPs). This ensures continuous operation through independent data centers, even if one connection fails. Employing nightly backups guards against complete data loss, while a 14-day retention policy provides a recovery window for data corruption or accidental deletion. Disaster recovery plans are crucial for minimizing the impact of outages. Technologies like Azure Backup, Azure Site Recovery, and Azure Storage, coupled with Microsoft 365's security features, are pivotal in creating VirtuWorks's resilient IT ecosystem. #SolveEverything #InfoSec #Cybersecurity #Microsoft #Azure
To view or add a comment, sign in
-
Secure compute, storage, and databases - https://lnkd.in/gHxDUCPc Master the art of securing Azure compute resources, storage, and databases, including advanced security measures, encryption, access control, and database protection. Prerequisites None https://lnkd.in/gHxDUCPc
AZ-500: Secure compute, storage, and databases - Training
learn.microsoft.com
To view or add a comment, sign in
-
🚨 Critical Security Alert 🚨 Discover how the "Linguistic Lumberjack" vulnerability (CVE-2024-4323) in Fluent Bit could impact major cloud infrastructures and put your data at risk. This flaw can lead to DoS attacks, sensitive information leaks, and even remote code execution. Ensure your systems are protected by understanding this vulnerability and the necessary mitigation steps. Read the full article to safeguard your cloud environment today! 🔗 Read More: https://bit.ly/3K6KwXA #CyberSecurity #CloudSecurity #FluentBit #VulnerabilityAlert #TechNews
‘Linguistic Lumberjack’ Vulnerability Affects Major Cloud Services
thecyberexpress.com
To view or add a comment, sign in
3,128 followers