by Alan Deeter | Jul 29, 2016 | Best Practices, Incidents, SSH, Threats |
It’s a horrible practice for IP-enabled device manufacturers to ship products with default passwords because users often don’t change them. Yet, 44 of the top 50 CCTV manufacturers do exactly that. We’re talking “root/root” and...
by Alan Deeter | Mar 12, 2016 | Incidents, SSH
Spanish security researcher Jose Carlos Norte revealed in a blog post this week that he’d used the scanning software Shodan to find thousands of publicly exposed “telematics gateway units” or TGUs, small radio-enabled devices attached to industrial vehicles’ networks...
by Alan Deeter | Feb 18, 2016 | Case Studies, Executive Reading, Expert Opinion, SSH, Threats
Speaking at last week’s Security Analyst Summit in February 2016, Scott Erven, a medical device security advocate described how medical devices are putting hospital networks and patient data at risk. Erven reported that hundreds of hospitals, clinics, and health...
by Alan Deeter | Feb 10, 2016 | Incidents, Open Source, SSH, Threats |
Web hosting provider Linode jeopardized the security of its customers’ virtual machines, potentially allowing attackers to hijack the SSH connections initiated by customer system administrators, according to IT watchdog site, The Register. Linode promotes “High...
by Alan Deeter | Jan 22, 2016 | Executive Reading, Incidents, SSH, Technical, Threats |
Exactly 30 days after the announcement that Juniper Networks had jeopardized customer security by shipping products with a hard-coded SSH password, security appliance manufacturer Fortinet has announced that many of their products contain a similar hard-coded backdoor...
by Alan Deeter | Jan 18, 2016 | Open Source, SSH, Technical, Threats, Uncategorized |
Security firm Qualys has identified a zero-day vulnerability in OpenSSH clients that could allow a malicious server to steal private user keys, according to an eWeek article. The vulnerability is present in all OpenSSH client versions released since March 7, 2010...
