by Alan Deeter | Jul 29, 2016 | Best Practices, Incidents, SSH, Threats |
It’s a horrible practice for IP-enabled device manufacturers to ship products with default passwords because users often don’t change them. Yet, 44 of the top 50 CCTV manufacturers do exactly that. We’re talking “root/root” and...
by Alan Deeter | Mar 12, 2016 | Incidents, SSH
Spanish security researcher Jose Carlos Norte revealed in a blog post this week that he’d used the scanning software Shodan to find thousands of publicly exposed “telematics gateway units” or TGUs, small radio-enabled devices attached to industrial vehicles’ networks...
by Alan Deeter | Feb 10, 2016 | Incidents, Open Source, SSH, Threats |
Web hosting provider Linode jeopardized the security of its customers’ virtual machines, potentially allowing attackers to hijack the SSH connections initiated by customer system administrators, according to IT watchdog site, The Register. Linode promotes “High...
by Alan Deeter | Jan 22, 2016 | Executive Reading, Incidents, SSH, Technical, Threats |
Exactly 30 days after the announcement that Juniper Networks had jeopardized customer security by shipping products with a hard-coded SSH password, security appliance manufacturer Fortinet has announced that many of their products contain a similar hard-coded backdoor...
by Alan Deeter | Dec 22, 2015 | Executive Reading, Incidents, SSH, Threats, Uncategorized |
Juniper Networks announced last week that an internal code review revealed two critical security vulnerabilities in ScreenOS, the Linux derived operating system that powers approximately 26,000 Netscreen firewall devices on the internet today. The review uncovered two...
by Alan Deeter | Nov 26, 2015 | Executive Reading, Incidents, SSH, Threats |
Many Cisco security appliances contain a common default SSH key that could allow an attacker to connect and take almost any action he chooses. “A vulnerability in the remote support functionality of Cisco WSAv, Cisco ESAv, and Cisco SMAv Software could allow an...
