SSH
Emulating the Persistent and Stealthy Ebury Linux Malware
AttackIQ has released a new attack graph that seeks to emulate the Tactics, Techniques and Procedures (TTPs) associated with Ebury Linux malware. Despite previous arrests and actions against key perpetrators, Ebury continues ...

8 Essential Considerations for Post-Quantum Cryptography Migration
A primer on how to best prepare for the migration to PQC. The United Nations has proclaimed 2025 the International Year of Quantum Science and Technology—and for good reason. Across the globe, ...
Emulating the Prickly Cactus Ransomware
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the Cactus ransomware since the beginning of its activities in March 2023. Cactus has targeted a wide variety of ...
A Blast From The Past: RegreSSHion
It’s summer, and the year so far has been prodigious in high-stakes hacks impacting very high profile companies, like Ticketmaster or Change Healthcare, and sophisticated malicious operations like the one targeting the ...

Critical SSH Vulnerability, Facial Recognition Flaws, How to Safely Dispose of Old Devices
In episode 337, we cover “broken” news about the new SSH vulnerability ‘regreSSHion’ highlighting the vulnerability discovered in the OpenSSH protocol by Qualys and its implications. We then discuss the Detroit Police ...
New Open SSH Vulnerability
It’s a serious one: The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a ...

SSH vs. SSL/TLS: What’s The Difference?
SSH and SSL/TLS are two widely used cryptographic protocols for establishing secure connections and ensuring secure communication between two parties over an unsecured network. While both protocols offer the same benefits—authentication, encryption, ...
Backdoor in XZ Utils That Almost Happened
Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s ...
XZ Utils Backdoor
The cybersecurity world got really lucky last week. An intentionally placed backdoor in XZ Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have ...

Latest OpenPubkey Project Initiative Makes SSH More Secure
The OpenPubkey project shared an OIDC-based mechanism for remotely logging into IT environments that makes authentication using SSH certificates more secure ...