Bleeping Computer

Terrapin attacks can downgrade security of OpenSSH connections

Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to break the SSH channel integrity when certain widely-used encryption modes ...
Infosecurity-magazine.com

OpenSSH Trojan Campaign Targets IoT and Linux Systems

Security researchers have discovered a sophisticated attack campaign that exploits custom and open-source tools to target Linux-based systems and Internet of Things (IoT) devices. According to a new ...
Dark Reading

Developers Find Temporary Fix for OpenSSH Remote Access Software Vulnerability

Researchers keep coming up with memory side-channel vulnerabilities in modern processors and DRAMs, like Rowhammer, RAMBleed, Spectre and Meltdown. All of these attacks bypass architectural safeguards ...
Bleeping Computer

Microsoft: Hackers hijack Linux systems using trojanized OpenSSH version

Microsoft says Internet-exposed Linux and Internet of Things (IoT) devices are being hijacked in brute-force attacks as part of a recently observed cryptojacking campaign. After gaining access to a ...
Hackaday

This Week In Security: Dating App, WooCommerce, And OpenSSH

Up first this week is a report from vpnMentor, covering the unsecured database backing a set of dating apps, including 419 Dating. The report is a bit light on the technical details, like what sort of ...
Ars Technica

PSA: Critical: openssh security update RHEL

Related to the "Fedora problem" last week.<BR><BR>openssh security update<BR><BR><BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div ...
CSOonline

OpenSSH vulnerability regreSSHion puts millions of servers at risk

Researchers have uncovered a serious remote code execution vulnerability in the Open Secure Shell (OpenSSH) server that could let unauthenticated attackers obtain a root shell on servers and take them ...