Devices with insecure SSH services are everywhere, say infosec duo
Black Hat 'Serendipitous' discovery may have you second guessing your appliances
Black Hat and DEF CON07 Aug 2024 | 10
SSH
Nasty regreSSHion bug in OpenSSH puts roughly 700K Linux boxes at risk
Full system takeovers on the cards, for those with enough patience to pull it off
Patches01 Jul 2024 | 59
SSH shaken, not stirred by Terrapin vulnerability
No need to panic, but grab those updates or mitigations anyway just to be safe
Patches20 Dec 2023 | 14
GitHub publishes RSA SSH host keys by mistake, issues update
Getting connection failures? Don't panic. Get new keys
Security24 Mar 2023 | 34
Dealing with legacy issues around Red Hat crypto versions? Here's a fix
RHEL SHA-ll speak unto RHEL… except from 9 to 6
OSes11 Aug 2022 | 13
OpenBSD 7.1 is out, including Apple M1 support
26 years and only two external exploits is not to be (packet) sniffed at
OSes22 Apr 2022 | 35
OpenSSH takes aim at 'capture now, decrypt later' quantum attacks
Guarding against the forever almost-here crypto-cracking tech
Security12 Apr 2022 | 12
Danger zone! Brit research supercomputer ARCHER's login nodes exploited in cyber-attack, admins reset passwords and SSH keys
Updated Assault on TOP500-listed machine may have hit Euro HPC too, warn sysops
Security13 May 2020 | 37
GoDaddy hack: Miscreant goes AWOL with 28,000 users' SSH login creds after vandalizing server-side file
Now might be a good time to change your passwords, folks
Security05 May 2020 | 21
Oh, SSH, IT please see this: Malicious servers can fsck with your PC's files during scp slurps
Data transfer tools caught not checking what exactly they're downloading
Security15 Jan 2019 | 32
What's that? SSH can still use RC4? Not for much longer, promise
IETF hackathoners point the 'die-die-die' gun at another buggy cipher
Security02 Nov 2018 | 9
Liberating SSH from Logjam leftovers
IETF RFC writes-out weak Diffie-Hellman
Software19 Dec 2017 | 5
Top repo managers clone, then close, a nasty SSH vector
Git, Mercurial, SVN patched; CVS hasn't got around to it yet
Security13 Aug 2017 | 3
This week on GitHub: Facebook's forecaster and a sysadmin CURSE
Repo Roundup You always wanted an autonomous T-shirt cannon, right? Here you go
Software28 Feb 2017 | 3
Internet of Sins: Million more devices sharing known private keys for HTTPS, SSH admin
IoT == Immensely Obvious Threat
Security07 Sep 2016 | 13
Entropy drought hits Raspberry Pi harvests, weakens SSH security
Hotfix posted online to shore up Raspbian key generation
Security02 Dec 2015 | 36
Lazy IoT, router makers reuse skeleton keys over and over in thousands of devices – new study
SSH logins, server-side HTTPS certs baked in firmware
Edge + IoT26 Nov 2015 | 21
Cisco in single SSH key security stuff-up
Patch NOW, people
Security25 Jun 2015 | 17
Industrial Wi-Fi kit has hard-coded credentials
Can't patch because there isn't one
Security10 Jun 2015 | 22
Compromised SSH keys used to access Spotify, UK Govt GitHub repos
CloudFlare bod gobbles 1.4 million public keys
Security03 Jun 2015 | 13
Holy SSH-it! Microsoft promises secure logins for Windows PowerShell
Now that the door has hit Ballmer on the way out, OpenSSH support is go
Networks02 Jun 2015 | 79
Tor de farce: NSA fails to decrypt anonymised network
Turn that frown upside down and do the happy dance
Security29 Dec 2014 | 68
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Security25 Aug 2014 | 15
Emergency alert system easily pwnable after epic ZOMBIE attack prank
Private crypto keys found in firmware - where were their BRRAAAIINNNS?
Security09 Jul 2013 | 40
SSH an ill-managed mess says SSH author Tatu Ylonen
IETF draft a first step to new version
Security11 Apr 2013 | 9
Whoops! Tiny bug in NetBSD 6.0 code ruins SSH crypto keys
'Random numbers are too important to be left to chance'
Security26 Mar 2013 | 39
Silly gits upload private crypto keys to public GitHub projects
Amazing what you can find searching for 'BEGIN RSA PRIVATE KEY'
Security25 Jan 2013 | 38
Hackers break into FreeBSD with stolen SSH key
Not many servers dead
Security20 Nov 2012 | 16
SSH firm aims to untangle crypto key hairball
Infosec 2012 Fo' SHHizzle
Security25 Apr 2012 | 1
MIT's mind-reading Mosh pits itself against SSH daemons
No! I meant rm * not rm .*
Software13 Apr 2012 | 16
Server-based botnet floods net with brutish SSH attacks
Updated PHP patch laggards to blame
Security12 Aug 2010 | 30
Hackers scalp Apache
SSH hits the fan
Security28 Aug 2009 | 5
Brute force SSH attack confounds defenders
Who are those guys?
Security08 Dec 2008 | 21
SSH sniffer attack poses minor risk
Shadow of a doubt
Security18 Nov 2008 | 5
Cisco breaks cycle with IOS patch
Preemptive defence against rootkit exploits?
Channel22 May 2008 | 3
Biting the hand that feeds IT
