GreyNoise researchers detail a novel botnet infecting 9K+ routers from Asus and others with a persistent SSH backdoor, enabling access after reboots and updates
What You Need To Know
Shweta Sharma / CSO: New botnet hijacks AI-powered security tool on Asus routers
Bruno Ferreira / HotHardware: ASUS Routers Hit By Stealthy Backdoor Botnet Attack That Evades F...
Over 9,000 ASUS routers are compromised by a novel botnet dubbed “AyySSHush” that was also observed targeting SOHO routers from Cisco, D-Link, and Linksys.
Researchers detail a MITM attack on SSH that can break the integrity of the protocol, the first “practical attack of its kind”; fixes face compatibility issues
SSH is an internet standard that provides secure access to network services …
Connor Jones / The Register: SSH shaken, not stirred by Terrapin vulnerability
Terrapin Attack: Terrapin Attack: Breakin...
In a first, researchers show a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise
An error as small as a single flipped memory bit is all it takes to expose a private key. — For the first time …
GitHub adds security key support for SSH Git operations, as it continues its plan to remove password support for Git operations later this year
Support has been added to bolster defense against account compromise. — GitHub has announced support for security keys to prevent account compromise in SSH Git operations.
Researchers say a new P2P botnet FritzFrog is using advanced measures to infect millions of SSH servers around the world
Dan Goodin / Ars Technica:
A hacker has posted a list of usernames, passwords, IP addresses and SSH keys of 900+ Pulse Secure VPN enterprise servers on a Russian-speaking hacker forum
EXCLUSIVE: The list has been shared on a Russian-speaking hacker forum frequented by multiple ransomware gangs.
Multiple supercomputers in some EU countries were hacked this week with crypto mining malware via compromised SSH credentials; evidence suggests a single actor
Confirmed infections have been reported in the UK, Germany, and Switzerland. Another suspected infection was reported in Spain.
Report: over 4.5M network appliances, IoT devices, and embedded systems vulnerable by reusing known private keys for HTTPS and SSH servers
IoT == Immensely Obvious Threat — Millions of internet-facing devices - from home broadband routers to industrial equipment …