Security News

Cisco Umbrella default SSH key allows theft of admin credentials
2022-04-21 08:16

Cisco has released security updates to address a high severity vulnerability in the Cisco Umbrella Virtual Appliance, allowing unauthenticated attackers to steal admin credentials remotely.Fraser Hess of Pinnacol Assurance found the flaw in the key-based SSH authentication mechanism of Cisco Umbrella VA. Cisco Umbrella, a cloud-delivered security service used by over 24,000 organizations as DNS‑layer security against phishing, malware, and ransomware attacks, uses these on-premise virtual machines as conditional DNS forwarders that record, encrypt, and authenticate DNS data.

How to create an email alert for SSH logins
2022-02-23 18:59

SEE: 40+ open source and Linux terms you need to know. Your first question might be "Why would you need to do this?" As I said, I do a lot of testing, so I have several Linux servers on a LAN that need to be able to send out emails.

Kali Linux 2022.1 released with 6 new tools, SSH wide compat, and more
2022-02-15 00:41

Kali Everything Image - An all-packages-in-one solution now available to download. Kali-Tweaks Meets SSH - Connect to old SSH servers using legacy SSH protocols and ciphers. As the first version of the new year, the Kali Team has performed a visual refresh adding new backgrounds for the desktop, login, and boot displays, and a new installer theme.

Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access
2021-11-04 23:15

Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from a weakness in the SSH authentication mechanism of Cisco Policy Suite.

Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access
2021-11-04 23:15

Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from a weakness in the SSH authentication mechanism of Cisco Policy Suite.

Cisco fixes hard-coded credentials and default SSH key issues
2021-11-04 17:24

Cisco has released security updates to address critical security flaws allowing unauthenticated attackers to log in using hard-coded credentials or default SSH keys to take over unpatched devices. "A vulnerability in the Telnet service of Cisco Catalyst PON Series Switches ONT could allow an unauthenticated, remote attacker to log in to the affected device by using a debugging account that has a default, static password," the company explains in an advisory published yesterday.

How to configure SSH to use a non-standard port with SELinux set to enforcing
2021-10-14 14:32

Switching the SSH listening port is an easy way to help secure remote login on your Linux servers. SSH has a lot of tricks up its sleeve for security, one of which is to configure the service to use a non-standard port.

GitHub Revoked Insecure SSH Keys Generated by a Popular git Client
2021-10-12 21:39

Code hosting platform GitHub has revoked weak SSH authentication keys that were generated via the GitKraken git GUI client due to a vulnerability in a third-party library that increased the likelihood of duplicated SSH keys. As an added precautionary measure, the Microsoft-owned company also said it's building safeguards to prevent vulnerable versions of GitKraken from adding newly generated weak keys.

Microsoft revokes insecure SSH keys for Azure DevOps customers
2021-10-12 12:00

Microsoft revoked insecure SSH keys some Azure DevOps have generated using a GitKraken git GUI client version impacted by an underlying issue found in one of its dependencies. The decision to revoke the keys was taken after GitKraken's developer Axosoft notified Microsoft on September 28 that a bug in the keypair library's pseudo-random number generator led to duplicate RSA keys being generated.

GitHub revokes duplicate SSH auth keys linked to library bug
2021-10-11 20:12

GitHub has revoked weak SSH authentication keys generated using a library that incorrectly created duplicate RSA keypairs. Today, in a coordinated disclosure between GitHub and Axosoft, LLC., the makers of the popular GitKraken Git client, GitHub said they revoked weak SSH keys generated by the 'keypair' library used by the software.