Security News

Legion Malware Upgraded to Target SSH Servers and AWS Credentials
2023-05-24 10:00

An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with new capabilities such the ability to compromise SSH servers and retrieve additional AWS-specific credentials from Laravel web applications," Cado Labs researcher Matt Muir said in a report shared with The Hacker News.

Github publishes RSA SSH host keys by mistake, issues update
2023-03-24 13:34

Github has updated its SSH keys after accidentally publishing the private part to the world. A post on Github's security blog reveals that the company has changed its RSA SSH host keys.

GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
2023-03-24 11:06

Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations "Out of an abundance of caution" after it was briefly exposed in a public repository. The activity, which was carried out at 05:00 UTC on March 24, 2023, is said to have been undertaken as a measure to prevent any bad actor from impersonating the service or eavesdropping on users' operations over SSH. "This key does not grant access to GitHub's infrastructure or customer data," Mike Hanley, chief security officer and SVP of engineering at GitHub, said in a post.

GitHub.com rotates its exposed private SSH key
2023-03-24 08:33

GitHub has rotated its private SSH key for GitHub.com after the secret was was accidentally published in a public GitHub repository. In a succinct blog post published today, GitHub acknowledged discovering this week that the RSA SSH private key for GitHub.com had been ephemerally exposed in a public GitHub repository.

Hackers trojanize PuTTY SSH client to backdoor media company
2022-09-15 20:45

North Korean hackers are using trojanized versions of the PuTTY SSH client to deploy backdoors on targets' devices as part of a fake Amazon job assessment. A novel element in this campaign is the use of a trojanized version of the PuTTY and KiTTY SSH utility to deploy a backdoor, which in this case, is 'AIRDRY.V2'.

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
2022-08-07 04:29

"This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai," Fortinet FortiGuard Labs said in a report. The malware, which gets its name from an embedded URL to a YouTube rap music video in an earlier version, is said to have amassed a growing collection of compromised SSH servers, with over 3,500 unique IP addresses used to scan and brute-force their way into the servers.

New Linux malware brute-forces SSH servers to breach networks
2022-08-04 16:22

A new botnet called 'RapperBot' is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device. Over the past 1.5 months since its discovery, the new botnet used over 3,500 unique IPs worldwide to scan and attempt brute-forcing Linux SSH servers.

5 tips for securing SSH on your Linux servers
2022-07-19 14:08

SSH is a tool I use every single day to log into remote Linux servers and take care of my admin tasks. Here are my five most straightforward tips for securing SSH on your Linux machines.

How to enable SSH 2FA on Ubuntu Server 22.04
2022-07-05 15:01

You don't want that, but how do you prevent such a reality? One way is to enable two-factor authentication on the server. How do you set up SSH 2FA on your Ubuntu Server? Let me show you.

How to use KDE Plasma’s Konsole SSH plugin
2022-05-05 16:26

It's one of the more flexible and powerful terminal applications on the Linux market and it has a rather pleasant, SSH-centric surprise for you an SSH Manager plugin. Figure B. How to use the SSH Manager plugin.