Wiz’s Post

Just sharing this alert on #OpenSSH. More information on it can be found on the #wizthreatresearch blog post below. Wiz customers will be able to find this in the Wiz Threat Center on the Overview dashboard or the Threat Center feed. #cloudsecurity #sharedresponsibility

#OpenSSH vulnerability alert 🚨 Meet CVE-2024-6387, dubbed "regreSSHion" – a critical vulnerability in OpenSSH that could allow attackers to execute code remotely with root privileges. Here's the scoop: 🔍 What's at risk? 81% of cloud environments, according to Wiz data. 💡 Next steps? Upgrade OpenSSH and restrict access immediately. Wiz customers can find vulnerable instances using our pre-built query in the Wiz Threat Center. Discover more: https://lnkd.in/eHajuv4s

🚨 𝐂𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐎𝐩𝐞𝐧𝐒𝐒𝐇 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐀𝐥𝐞𝐫𝐭: 𝐂𝐕𝐄-2024-6387 (𝐫𝐞𝐠𝐫𝐞𝐒𝐒𝐇𝐢𝐨𝐧) 🚨 A newly discovered vulnerability, CVE-2024-6387, named regreSSHion, poses a serious threat to millions of OpenSSH servers. This critical flaw, discovered by Qualys, enables unauthenticated remote code execution with root privileges on glibc-based Linux systems, potentially leading to complete system takeover. 𝐊𝐞𝐲 𝐃𝐞𝐭𝐚𝐢𝐥𝐬: - Affected Versions: OpenSSH 8.5p1 (released Oct 2020) to 9.7p1 - Nature of Flaw: Signal handler race condition in the sshd component - Exploitable Systems: Over 14 million potentially vulnerable instances exposed to the internet - Impact: Full system compromise, enabling malware installation, backdoor creation, data theft, and persistent access - Exploitation Time: Demonstrated on 32-bit Linux/glibc systems with ASLR, requiring 6-8 hours of continuous connections - Resolution: Upgrade to OpenSSH 9.8p1 or apply forthcoming patches - Security Mechanisms: OpenBSD systems are unaffected due to a blocking mechanism This vulnerability is a regression of a previously patched issue (CVE-2006-5051) reintroduced in OpenSSH 8.5p1. Organizations must prioritize upgrading their OpenSSH instances or applying patches as they become available. Additionally, it's crucial to limit SSH access through network controls and enforce network segmentation. 𝐅𝐨𝐫 𝐦𝐨𝐫𝐞 𝐝𝐞𝐭𝐚𝐢𝐥𝐬: - SecurityWeek: https://lnkd.in/dxjiQZ99 - The Hacker News: https://lnkd.in/d_nBpuj3 Stay vigilant and ensure your systems are protected. #CyberSecurity #OpenSSH #CVE20246387 #regreSSHion #Qualys #InfoSec #RemoteCodeExecution #LinuxSecurity #Vulnerability #SystemSecurity #DataProtection #Malware #Backdoors

To secure Innovation in the cloud, you need runtime insights to prioritize critical risks and stay ahead of unknown threats. Runtime Insights are Built on Falco. Through deep visibility of your entire cloud-native infrastructure, Falco enables cloud-native application protection platforms (CNAPP) with end-to-end detection and powers Sysdig’s prioritization based on in-use packages. #cloudsecurity #threatdetection #vulnerabilitymanagement #IAM #falco #CNAAP

Hacker X certificate about "Vulnerability scanning and reporting". What is a vulnerability scanner? A vulnerability scanner scans the network for vulnerabilities within the network. The assets can be exposed to an attack. It can identify open ports and the application that is running. Nexposs (Never heard of it before) even though it's from Rapid7 and just compliant with the Metasploitable framework, so it got to be good Nexpose works with the following environments: - Cloud - Mobile - Psychical - Virtual Nexposs can be installed within a virtual machine the username is: nexpose and the password: nexpose The Nexpose page has a graphical interface and can be launched by checking your IP address and https://youripadress:3780 the default username: nxadmin and password: nxpassword Have a goodnight everyone 👍

🛡️ Shield Up Against RegreSSHion! 🚨 Sysdig's recent threat research article dives into 𝗖𝗩𝗘-𝟮𝟬𝟮𝟰-𝟲𝟯𝟴𝟳, a critical OpenSSH vulnerability dubbed "regreSSHion" that could lead to full system compromise. 💡 Discover how Sysdig can help you identify and mitigate this threat across your cloud environment using stateful detections and real-time insights: https://okt.to/B4X7yn

🛡️ Shield Up Against RegreSSHion! 🚨 Sysdig's recent threat research article dives into 𝗖𝗩𝗘-𝟮𝟬𝟮𝟰-𝟲𝟯𝟴𝟳, a critical OpenSSH vulnerability dubbed "regreSSHion" that could lead to full system compromise. 💡 Discover how Sysdig can help you identify and mitigate this threat across your cloud environment using stateful detections and real-time insights: https://okt.to/J0Twbs

🛡️ Shield Up Against RegreSSHion! 🚨 Sysdig's recent threat research article dives into 𝗖𝗩𝗘-𝟮𝟬𝟮𝟰-𝟲𝟯𝟴𝟳, a critical OpenSSH vulnerability dubbed "regreSSHion" that could lead to full system compromise. 💡 Discover how Sysdig can help you identify and mitigate this threat across your cloud environment using stateful detections and real-time insights: https://okt.to/3YzeiU

🛡️ Shield Up Against RegreSSHion! 🚨 Sysdig's recent threat research article dives into 𝗖𝗩𝗘-𝟮𝟬𝟮𝟰-𝟲𝟯𝟴𝟳, a critical OpenSSH vulnerability dubbed "regreSSHion" that could lead to full system compromise. 💡 Discover how Sysdig can help you identify and mitigate this threat across your cloud environment using stateful detections and real-time insights: https://okt.to/VHakJc