Archive for the ‘OpenSSH’ Category

12-Year-Old SSH Bug Exposes More than 2 Million IoT Devices

October 14th, 2016

Are your internet-connected devices spying on you? Perhaps.

We already know that the Internet of Thing (IoT) devices are so badly insecure that hackers are adding them to their botnet network for launching Distributed Denial of Service (DDoS) attacks against target services.

But, these connected devices are not just limited to conduct DDoS attacks; they have far more potential to harm you.

Posted in Cyber Attack, hacking news, Internet of things, iot devices, OpenSSH, ssh exploit | Comments (0)

12-Year-Old SSH Bug Exposes More than 2 Million IoT Devices

October 14th, 2016

Are your internet-connected devices spying on you? Perhaps.

We already know that the Internet of Thing (IoT) devices are so badly insecure that hackers are adding them to their botnet network for launching Distributed Denial of Service (DDoS) attacks against target services.

But, these connected devices are not just limited to conduct DDoS attacks; they have far more potential to harm you.

Posted in Cyber Attack, hacking news, Internet of things, iot devices, OpenSSH, ssh exploit | Comments (0)

Critical OpenSSH Flaw Leaks Private Crypto Keys to Hackers

January 15th, 2016

A ‘Serious’ security vulnerability has been discovered and fixed in OpenSSH – one of the most widely used open-source implementations of the Secure Shell (SSH) Protocol.

The critical vulnerability could be exploited by hackers to force clients to leak their secret private cryptographic keys, potentially exposing users to Man-in-the-Middle (MITM) attacks.

What Causes the Flaw to occur?

Posted in encryption keys, hacking news, hacking server, man-in-the-middle attack, OpenSSH, patch update, server security, steal crypto keys, Vulnerability | Comments (0)

OpenSSH 7.0 Fixes Four Flaws

August 13th, 2015

A new version of OpenSSH has been released, fixing four security vulnerabilities and a number of non-security related bugs. OpenSSH 7.0 includes patches for a use-after-free vulnerability and three other flaws, two of which only affect Portable OpenSSH. The maintainers of the software also gave users notice that the next version of the software would […]

Posted in OpenSSH, vulnerabilities, Web Security | Comments (0)

OpenSSH password guessing attacks may be 10,000 times easier than you thought

July 23rd, 2015

An interesting problem with OpenSSH has been publicised on the Full Disclosure mailing list.

Posted in brute force, Featured, OpenSSH, password, Security threats | Comments (0)

Bug in OpenSSH Opens Linux Machines to Password Cracking Attack

July 23rd, 2015

A simple but highly critical vulnerability recently disclosed in the most widely used OpenSSH software allows attackers to try thousands of password login attempts per connection in a short period.

OpenSSH is the most popular software widely used for secure remote access to Linux-based systems. Generally, the software allows 3 to 6 Password login attempts before closing a connection, but a

Posted in brute force attack, dictionary attack, hack ssh password, hacking news, linux security, Linux Vulnerability, OpenSSH, password hacking, SSH password cracking, ssh security, Vulnerability | Comments (0)