QR code SQL injection and other vulnerabilities in a popular biometric terminal

The report analyzes the security properties of a popular biometric access control terminal made by ZkTeco and describes vulnerabilities found in it.

Now that `sshcontrol` has been deprecated, how to use gpg key for ssh authentication with an agent?

The GnuPG Manual states that:

This [sshcontrol] file is deprecated in favor of the "Use-for-ssh"
attribute in the key files.

What is now the correct way to configure gpg / gpg-agent to use your key for SSH?
Specifically:

What …

Should I be worried about unusual SSH login attempts from unknown IP addresses?

I’ve been monitoring my server’s SSH logs and noticed a steady stream of login attempts from unknown IP addresses, mostly from different countries.
Heaps and heaps of account names are tried, and with some quick server stats I’d say, at le…

Should one be concerned about public keys being copied to wrong servers accidentally?

I am currently automating the setup of a web server with Ansible. My two teammates should be able to run the Ansible playbook as well. Therefore, their public keys need to be added to the authorized_keys of the user that will execute the …

PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)

A vulnerability (CVE-2024-31497) in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys due to the “heavily biased” ECDSA nonces (random values used once), researchers have discovered. “To b…

Backdoor in XZ Utils That Almost Happened

Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery: The security of the global Internet depends on countless obscure pieces of software written and maintained by even more obscure unpaid, distractible, and sometimes vulnerable volunteers. It’s an untenable situation, and one that is being exploited by malicious actors. Yet precious little is being done to remedy it…