|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: InfoSec News (alerts
infosecnews.org)
Date: Wed Aug 27 2008 - 00:28:14 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.eweek.com/c/a/Security/Attackers-Targeting-Linux-Infrastructures-With-Rootkit-to-Steal-SSH-Keys/
By Brian Prince
eWEEK.com
2008-08-26
U.S.-CERT is warning of attacks targeting Linux-based infrastructures
using compromised SSH keys. After access is gained to the system, local
kernel exploits are used to gain root access. A rootkit is then
installed to steal more SSH keys. The attack could be related to a flaw
affecting Debian-based encryption keys discovered earlier this year.
Hackers are launching attacks against Linux-based computing
infrastructures using compromised SSH [Secure Shell] keys and installing
rootkits, according to a warning by the U.S. Computer Emergency
Readiness Team (US-CERT).
According to US-CERT, the attack uses stolen SSH keys to access a
system, and then local kernel exploits to gain root access. At that
point, a rootkit known as phalanx2 is installed.
[...]
__________________________________________________
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!
http://conference.hackinthebox.org/hitbsecconf2008kl/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]