ssh hardening | BestHub

Efficient Ops

Nov 25, 2024 · Information Security

Uncovering the gpg-agentd Malware: How an Alibaba Cloud Server Was Compromised

This article walks through a real-world intrusion on an Alibaba Cloud CentOS server, detailing how a disguised gpg-agentd process was used to install backdoors, hijack SSH keys, exploit Redis, and launch mass scanning, and provides concrete hardening recommendations to prevent similar attacks.

Server Securitylinux incident responsemalware

0 likes · 13 min read

Uncovering the gpg-agentd Malware: How an Alibaba Cloud Server Was Compromised

Java Captain

Mar 7, 2023 · Information Security

Server Intrusion Investigation and Remediation Steps

This article details a recent server intrusion case, describing the observed symptoms, possible causes, step‑by‑step forensic investigation using commands like ps, top, grep and crontab, and comprehensive remediation actions such as tightening SSH security, unlocking and restoring system binaries, removing malicious scripts, and key lessons for future protection.

Server Securitychattrincident response

0 likes · 14 min read

Server Intrusion Investigation and Remediation Steps