reader comments 16 Infrastructure used to maintain and distribute the Linux operating system kernel was infected for two years, starting in 2009, by sophisticated malware that managed to get a hold of one of the developers’ most closely guarded resources: the /etc/shadow files that stored encrypted password data for more than 550 system users, researchers… Read More »
Matejmo | Getty Images reader comments 14 Cisco’s Talos security team is warning of a large-scale credential compromise campaign that’s indiscriminately assailing networks with login attempts aimed at gaining unauthorized access to VPN, SSH, and web application accounts. The login attempts use both generic usernames and valid usernames targeted at specific organizations. Cisco included a… Read More »
Getty Images reader comments 22 Roughly 11 million Internet-exposed servers remain susceptible to a recently discovered vulnerability that allows attackers with a foothold inside affected networks. Once they’re in, attackers compromise the integrity of SSH sessions that form the lynchpin for admins to securely connect to computers inside the cloud and other sensitive environments. Terrapin,… Read More »
Enlarge / Terrapin is coming for your data. Aurich Lawson | Getty Images reader comments 65 Sometime around the start of 1995, an unknown person planted a password sniffer on the network backbone of Finland’s Helsinki University of Technology (now known as Aalto University). Once in place, this piece of dedicated hardware surreptitiously inhaled thousands… Read More »
Getty Images reader comments 71 with For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established. Underscoring the importance of their discovery, the researchers used their… Read More »
reader comments 35 with 28 posters participating Share this story Two years ago, researchers stumbled upon one of the Internet’s most intriguing botnets: a previously undiscovered network of 500 servers, many in well-known universities and businesses around the world, that was impervious to normal takedown methods. After lying low for 16 months, those researchers said,… Read More »