SSH

Pierluigi Paganini January 02, 2024
Terrapin attack allows to downgrade SSH protocol security

Researchers discovered an SSH vulnerability, called Terrapin, that could allow an attacker to downgrade the connection’s security. Security researchers from Ruhr University Bochum (Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk) discovered a vulnerability, called Terrapin (CVE-2023-48795, CVSS score 5.9), in the Secure Shell (SSH) cryptographic network protocol. An attacker can trigger the flaw to downgrade the […]

Pierluigi Paganini December 27, 2023
Experts analyzed attacks against poorly managed Linux SSH servers

Researchers warn of attacks against poorly managed Linux SSH servers that mainly aim at installing DDoS bot and CoinMiner. Researchers at AhnLab Security Emergency Response Center (ASEC) are warning about attacks targeting poorly managed Linux SSH servers, primarily focused on installing DDoS bots and CoinMiners. In the reconnaissance phase, the threat actors perform IP scanning […]

Pierluigi Paganini December 21, 2016
Linux/Rakos, the new Linux malware threatening devices and servers

A new Linux malware, dubbed Linux/Rakos is threatening devices and servers. The malware searches for victims via SSH scan. A new Linux malware, dubbed Linux/Rakos is threatening devices and servers. The malicious code is written in the Go language and the binary is usually compressed with the standard  UPX tool. Apparently, frustrated users complain more often recently […]

Pierluigi Paganini August 14, 2015
OpenSSH 7.0 Fixes Four Flaws and other issues

A new version of OpenSSH is available, the new release of OpenSSH 7.0 fixes four security flaws and several other bugs. Update it! A new version of OpenSSH is available, the new release of OpenSSH 7.0 fixes four security flaws and several other bugs. Then new OpenSSH 7.0 fixes a use-after-free vulnerability and three other […]

Pierluigi Paganini June 26, 2015
Cisco Security Appliances contain a default SSH Key

Security experts at Cisco revealed the existence of a default SSH key in many security appliances, an attacker can exploit it to control the devices. Security experts at Cisco discovered default SSH Key in many Cisco security appliances, an attacker could use them to establish SSH connection and control the devices. The abuse of the […]

Pierluigi Paganini June 03, 2015
Compromised SSH keys used to access popular GitHub repositories

Security experts Ben Cox explained that the official Github repositories of the UK Government, Spotify, and Python were accessed using compromised SSH keys. Ben Cox, engineer at CloudFlare revealed that the official Github repositories of the UK Government, Spotify, and Python were accessed by using legitimate SSH keys. It seems that the keys were compromised […]

Pierluigi Paganini February 21, 2015
Shodan Founder finds 250,000 routers sharing same SSH keys

The Founder of Shodan John Matherly was revamping the SSH banner when discovered a large number of devices that share same SSH keys. The Founder of Shodan, John Matherly, has conducted in December 2014 a personal research discovering that more than 250,000 routers used in Spain and deployed by Telefonica de Espana, and thousands more used in other […]

Pierluigi Paganini November 17, 2013
Linux backdoor Fokirtor implements covert communication protocol

In May sophisticated attackers breached a large Internet hosting provider and gained access to internal administrative systems using a singular Linux backdoor. Symantec security researchers have discovered a Linux backdoor, dubbed Fokirtor, that implements a covert communication protocol to hide its presence. The experts revealed that the malicious code was used to compromise a large […]