Security News

One of Britain's most powerful academic supercomputers has fallen victim to a "Security exploitation" of its login nodes, forcing the rewriting of all user passwords and SSH keys. Sysadmins warned ARCHER users that their SSH keys may have been compromised as a result of the apparent attack, advising them to "Change passwords and SSH keys on any other systems which you share your ARCHER credentials with".

Preventing idle SSH sessions from remaining connected is an easy way to add a bit more security to secure shell. Find out how.

A recently identified botnet built using the Golang programming language is targeting Linux systems, including Internet of Things devices, using a custom implant, Intezer reports. The botnet, which security researcher MalwareMustDie named Kaiji, is of Chinese origin and spreads exclusively via SSH brute force attacks, targeting the root user only.

Hosting biz GoDaddy has admitted a hacker tampered with an SSH file on its servers, leading to the theft of 28,000 users' SSH credentials. The intrusion, which took place last month, involved one or more malicious persons "Alter" an SSH file on GoDaddy's infrastructure, the US giant told The Register.

Preventing idle SSH sessions from remaining connected is an easy way to add a bit more security to secure shell. Secure Shell includes a timeout feature that allows you to configure the SSH server such that it will disconnect a user, after a set period of inactivity.

Apple's latest update to macOS Catalina appears to have broken SSH for some users. The issue is that under Apple's macOS 10.15.4 update, released on March 24, trying to open a SSH connection to a port greater than 8192 using a server name, rather than an IP address, no longer works - for some users at least.

An eavesdropper doesn't have to be logged into the target device's wireless network to exploit KrØØk. If successful, the miscreant can take repeated snapshots of the device's wireless traffic as if it were on an open and insecure Wi-Fi. These snapshots may contain things like URLs of requested websites, personal information in transit, and so on. When these disassociation packets are received, vulnerable Wi-Fi controllers - made by Broadcom and Cypress, and used in countless computers and gadgets - will overwrite the shared encryption key with the value zero.

Xton Technologies, a provider of privileged access management solutions, announced that Xton Access Manager now includes advanced proxy support for RDP, SSH and web proxies allowing customers to create secure, high trust remote sessions with full session recording and keystroke monitoring using native desktop or mobile applications. "Unique to XTAM is our ability to securely lock credentials on the server-side without ever releasing them to the client computer even in an encrypted form. This provides administrators with secure and efficient access to the systems they need to do their jobs while satisfying audit and senior management requirements for just in time secure access and controls."

Is a Linux SSH GUI in your future? Jack Wallen believes once you try Snowflake, there's no going back. 90% of the time I'm using that tool from the Linux platform, where I open a terminal window and SSH into what seems like an endless array of remote servers.

Is a Linux SSH GUI in your future? Jack Wallen believes once you try Snowflake, there's no going back.