Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally
Qualys covers vulnerability management, asset discovery, and compliance checks that help organizations identify and reduce security risks.
Search across headline titles and summaries.
Background for this topic.
Qualys is a cloud-based security platform used to inventory IT assets, identify software vulnerabilities, assess configuration and compliance, and scan web applications. It collects information through network scanners and endpoint agents, then centralizes findings so security teams can track exposure and remediation across servers, workstations, cloud resources, and applications.
Its security value depends on complete, accurate asset coverage: unmanaged systems, failed agents, or incomplete credentials can leave vulnerabilities undiscovered. Findings must also be validated and prioritized using factors such as exploitability, exposure, and business context; a scanner’s severity rating alone does not determine urgency. Because the platform may receive detailed asset, software, configuration, and credential-related data, access controls, role separation, and secure integration are important. Teams can use its records to support vulnerability management and compliance evidence, while incident responders may use historical asset and detection data to scope affected systems and confirm remediation.
Weekly headline count for the current query.
Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally
Analysis of 1 billion CISA KEV remediation records reveal a breaking point for human-scale security. Qualys shows most critical flaws are exploited before defenders can patch them. [...]
Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that could be exploited by unprivileged users to circumvent kernel protections, escalate to root, and undermine container isolation guarantees
The "shift left" approach has increased pressure on developers, as speed demands override security checks in modern CI pipelines. Qualys explains how analyzing 34,000 public container images revealed 7.3% were malicious and why security must be enforced at the infrastructure layer by default. [...]
Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi
A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys
Salesloft Says Hackers Broke Into Its GitHub RepositoryCybersecurity firms Tenable and Qualys fell to attacks stemming from hacker theft of authentication tokens from a third-party tool often integrated into Salesforce. The firms disclosed their exposure to the attack that lifted access tokens from marketing-as-a-service software provider Salesloft.
Palo Alto Networks, Cloudflare and Zscaler were also among confirmed victims of the attack
Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU)
Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT
Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions
Murdoc Botnet Uses Over 100 Distinct C2 Servers to Manage Infected DevicesA new variant of the Mirai malware is exploiting vulnerabilities in cameras and routers to infiltrate devices, download payloads and integrate them into an expanding botnet. Qualys tracked over 1,300 active internet protocol addresses linked to the Murdoc Botnet since its emergence in July 2024.
Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet
Update now: Qualys says flaws give root to local users, are 'easily exploitable' Researchers at Qualys refuse to release exploit code for five bugs in the Linux world's needrestart utility that allow unprivileged local attackers to gain root access without any user interaction.…
Update now: Qualys says vulnerabilities give root and are 'easily exploitable' Researchers at Qualys refuse to release exploit code for five bugs in Ubuntu Server's needrestart utility that allow unprivileged attackers to gain root access without any user interaction.…
Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04) that could allow a local attacker to gain root privileges without requiring user interaction
Over 14 Million Servers May Be Affected by Bug First Fixed Decades AgoMore than 14 million servers may be affected by a regressed vulnerability in a remote server management and file transfer tool that can allow hackers to completely take over the affected systems. The flaw is an accidental repeat of a flaw patched in 2006.
A newly discovered RCE vulnerability, which can lead to full system compromise, has put over 14 million OpenSSH server instances are potentially at risk, according to Qualys
The Qualys report also showed over 7000 vulnerabilities had proof-of-concept exploit code