Another quick video to show just how quickly a server can be compromised and taken over completely by an attacker.
In this video we have a server running an out of date and un-patched application, which gives the attacker a way onto the server. Then the attacker dumps and cracks the password hashes, which gives persistent remote (using ssh) access to the system. The attacker can then continue to access the server for whatever purpose they wish
Then the attacker changes the root (admin) password potentially resulting in no one else having admin access to the system. Allowing them to hold the system to ransom or threatening to take it off line to disrupt the business function, or continue to search and remove data unhindered.
This all happens in under 4 minutes. Always stay as up to date with versions and patches as possible.
@2codemonte 