#ssh

The FTC has referred a complaint against TikTok and its parent company ByteDance to the Department of Justice.

The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed network devices, hypervisors, and virtual machines, ensuring alternative channels remain available

Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering cryptocurrency miners and other payloads. Included among the tools deployed is a remote access tool that's capable of downloading and executing more malicious programs as well as a utility to propagate the malware via SSH, cloud analytics platform Datadog

### Impact When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. This cluster state object contains information used to set up the K8s cluster, which may include the following sensitive data: - RancherKubernetesEngineConfig - RKENodeConfig - SSH username - SSH private key - SSH private key path - RKEConfigServices - ETCDService - External client key - BackupConfig - S3BackupConfig - AWS access key - AWS secret key - KubeAPIService - SecretsEncryptionConfig - K8s encryption configuration (contains encryption keys) - PrivateRegistries - User - Password - ECRCredentialPlugin - AWS access key - AWS secret key - AWS session token - CloudProvider - AzureCloudProvider - ...

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes. Cybersecurity company Sygnia, which responded to

A lot of organizations use Red Hat Ansible Automation Platform to orchestrate their infrastructure and Hashicorp Vault to manage their secrets. But how do they work together?HashiCorp Vault is a powerful tool for managing secrets, providing a centralized platform for storing, accessing, and distributing sensitive information. When combined with Ansible Automation Platform, you can streamline and automate secret management across your infrastructure. In this blog post, we'll explore how to integrate HashiCorp Vault with Ansible Tower to automate secret management effectively.Workflow outlineThe

BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the `/audio/transcriptions` endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes the specified file without proper authorization or validation. This vulnerability is present in the code where `os.remove(file.filename)` is used to delete a file, allowing any user to delete critical files on the server such as SSH keys, SQLite databases, or configuration files.

Boelter Blue System Management version 1.3 suffers from a remote SQL injection vulnerability.

Red Hat Security Advisory 2024-3479-03 - Updated container images are now available for director Operator for Red Hat OpenStack Platform 16.2 for RHEL 8.4. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2728-03 - Updated container images are now available for director Operator for Red Hat OpenStack Platform 17.1 for RHEL 9.2. Issues addressed include a denial of service vulnerability.