SSH and Fujitsu partner to offer privileged access as a service
SSH and Fujitsu have signed a partnership agreement that enables Fujitsu to offer SSH’s PrivX Cloud Access Gateway to complement its Identity-as-a-Service (IDaaS) offering. …
PyCryptoMiner ropes Linux machines into Monero-mining botnet
A Linux-based botnet that has been flying under the radar has earned its master at least 158 Monero (currently valued around $63,000). The malware The botnet is based on a …
Half of organizations do not audit SSH entitlements
Cybercriminals, such as malicious insiders, use SSH keys to access systems from remote locations, evade security tools and escalate privileges, according to a study conducted …
Most organizations don’t have SSH security policies in place
Cybercriminals can abuse SSH keys to secure and automate administrator-to-machine and machine-to-machine access to critical business functions. According to Venafi’s research, …
Monitoring scanning activities that could lead to IoT compromises
IoT devices are ideal targets for attackers looking to build DDoS botnets because they have limited or non-existent security features. Some IoT devices utilize hard-coded …
Quickly audit and adjust SSH server configurations with SSH-audit
SSH-audit is a standalone open source tool for auditing and fixing SSH server configurations. It has no dependencies and will run wherever Python is available. It supports …
Linux servers hit with FairWare ransomware – or is it just a scam?
Users posting on Bleeping Computer’s forums have alerted the world to a new threat targeting Linux server admins: the FairWare ransomware. Whether the ransomware …
Privileged identity management for SSH keys
ManageEngine launched Key Manager Plus, a comprehensive, Web-based, SSH key management solution at RSA Conference 2016. Available immediately, the new product joins …
SSH backdoor found in more Fortinet devices, exploit attempts spotted in the wild
In case you missed it, Fortinet announced last week that the recently discovered FortiOS SSH backdoor – or, as they call it, “a management authentication …