Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Worm - IP address observed attempting to bruteforce SSH server credentials.
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Worm - IP address observed attempting to bruteforce SSH server credentials. (Read 926 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33900
malware fighter
Worm - IP address observed attempting to bruteforce SSH server credentials.
«
on:
November 28, 2019, 07:03:13 PM »
Re:
https://viz.greynoise.io/ip/178.62.48.191
For IP:
https://www.shodan.io/host/178.62.48.191
see vulnerabilities.
High Risk Site
:
https://www.magereport.com/scan/?s=https://www.alyaka.com/eu/
See:
https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3LnxseXxrfC5eXW1ge3U%3D~enc
Web Hint Linting results:
https://webhint.io/scanner/2803fc87-7bc8-4547-8857-c75b9a543aff
Consider here:
https://www.shodan.io/host/104.28.2.101
Retire.js detected:
jquery 1.12.4 Found in -https://www.alyaka.com/js/alyaka/jquery/jquery.min.js
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution & error on main page -> ReferenceError: UET is not defined /eu/:4180
polonus (volunteer 3rd party cold recon wevbsite security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Worm - IP address observed attempting to bruteforce SSH server credentials.