CISA and FBI released an advisory on Androxgh0st malware IoCs and warned about hackers using this threat to steal credentials.
Timely patching is one of the most efficient and cost-effective steps an organization can take to minimize its exposure to cybersecurity threats.
Prioritize patching known exploited vulnerabilities in internet-facing systems.
The Cybersecurity and Infrastructure Security Agency also urged System Admins to update Apache servers running versions 2.4.49 or 2.4.50.
Roxgh0st is a Python-written malware that hackers use to create a botnet that scans for and exploits vulnerable networks.
Laravel Framework - Threat actors use the Laravel web app to check if the domain's root-level.
Env files contain credentials and tokens that hackers will attempt stealing.
In some Laravel frameworks, hackers can exploit CVE-2018-15133 for remote code execution.
Amazon Web Services [AWS], Microsoft Office 365, and SendGrid are some of the high-profile applications that could be affected.
CISA says hackers can use Androxgh0st malware to abuse the Simple Mail Transfer Protocol.
CISA and FBI`s analysis lead to revealing a series of IoCs you can use to detect an Androxgh0st malware infection in your system.
Check the entire list of Androxgh0st malware IoCs here.
CISA`s advisory on Androxgh0st malware once again stresses that patching known vulnerabilities timely is a system`s first line of defense.
Vendors have already released patches for all three CVEs the advisory mentions.
In only a few clicks with Heimdal`s Patch & Asset Management.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.
If you liked this post, you will enjoy our newsletter.
Get cybersecurity updates you'll actually want to read directly in your inbox.
This Cyber News was published on heimdalsecurity.com. Publication date: Thu, 18 Jan 2024 22:43:05 +0000