Guardicore Labs has uncovered an SSH brute force attack that has stayed under the radar for years. The attack deploys a RAT with DDoS capabilities and a cryptocurrency miner. In this post, we describe the attack, payload and different preventive steps.

We’re proud to announce the release of a new version of the Infection Monkey, Guardicore’s free, open-source Breach and Attack Simulation (BAS) tool. Release 1.6 introduces

A critical vulnerability (CVE-2018-10933) was disclosed in libSSH, a library implementing the SSH2 protocol for clients and servers. The vulnerability allows an attacker to completely bypass the authentication step and connect to the server without providing any credentials, the worst possible flaw for a library implementing SSH.

Datacenter Traces In our research we use actual traces, collected from different production datacenters. We share these traces (sanitized) for the benefit of the research

Guardicore Labs team has uncovered a traffic manipulation and cryptocurrency mining campaign infecting a wide number of organizations in industries such as finance, education and

As this security flaw still exists and puts Azure environments at risk, we believe it’s important to continuously verify whether your environment is vulnerable. To do that we integrated Azure password harvesting capabilities into the Infection Monkey.