Podcasts about OpenSSH

Online Services Again Abused to Exfiltrate Data Attackers like to abuse free online services that can be used to exfiltrate data. From the originals , like pastebin, to past favorites like anonfiles.com. The latest example is gofile.io. As a defender, it is important to track these services to detect exfiltration early https://isc.sans.edu/diary/Online%20Services%20Again%20Abused%20to%20Exfiltrate%20Data/31862 OpenSSH 10.0 Released OpenSSH 10.0 was released. This release adds quantum-safe ciphers and the separation of authentication services into a separate binary to reduce the authentication attack surface. https://www.openssh.com/releasenotes.html#10.0p1 Apache Roller Vulnerability Apache Roller addressed a vulnerability. Its CVSS score of 10.0 appears inflated, but it is still a vulnerability you probably want to address. https://lists.apache.org/thread/4j906k16v21kdx8hk87gl7663sw7lg7f CVE Funding Changes Mitre s government contract to operate the CVE system may run out tomorrow. This could lead to a temporary disruption of services, but the system is backed by a diverse board of directors representing many large companies. It is possible that non-government funding sources may keep the system afloat for now. https://www.cve.org/

Fedora is about to ship 42, Ubuntu is gearing up for 25.04, and we talk about a head-to-head performance comparison between the two. LMDE is working on OEM mode, OpenSSH pushes version 10, and the guys make virtual swap make sense. For tips there's cheat, sponge, and ranger, and you can find the show notes at https://bit.ly/4j2qgGg Enjoy! Host: Jonathan Bennett Co-Hosts: Rob Campbell and Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

video: https://youtu.be/ua-RPOtdcF8 Comment on the TWIL Forum (https://thisweekinlinux.com/forum) This week in Linux, App 3.0 drops, bringing big changes under the hood. Amiga OS, yes, that Amiga OS, is still alive and getting updates, apparently. Open SSL 3.5 and Open SSH 10.0 both rolled out new features this week with also some future-proofing involved. And Sony, yes, that Sony, has released The Last of Us Part II on PC and it's Steam Deck verified. All that and much more on This Week in Linux, the weekly news show that keeps you plugged into everything happening in the Linux and Open Source world. Now let's jump right into Your Source for Linux GNews. Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/c5514bc1-148c-43d2-a6eb-4d0fcbfd6966.mp3) Support the Show Become a Patron = tuxdigital.com/membership (https://tuxdigital.com/membership) Store = tuxdigital.com/store (https://tuxdigital.com/store) Chapters: 00:00 Intro 00:39 APT 3.0 Released 02:48 Last of US Part 2 Verified for Steam Deck 05:47 MPV 0.40 Released 08:58 Sandfly Security [ad] 10:54 AmigaOS still exists and getting updates apparently 14:24 TUXEDO Provides Update On Their Snapdragon X Elite Linux Laptop 17:20 OpenSSL 3.5 Released 19:19 OpenSSH 10.0 Released 21:41 Support the show Links: APT 3.0 Released https://tracker.debian.org/news/1635519/accepted-apt-300-source-into-unstable/ (https://tracker.debian.org/news/1635519/accepted-apt-300-source-into-unstable/) https://9to5linux.com/apt-3-0-debian-package-manager-released-with-revamped-command-line-interface (https://9to5linux.com/apt-3-0-debian-package-manager-released-with-revamped-command-line-interface) https://www.phoronix.com/news/Debian-APT-3.0-Released (https://www.phoronix.com/news/Debian-APT-3.0-Released) Last of US Part 2 Verified for Steam Deck https://gameinformer.com/interview/2025/04/01/naughty-dog-and-nixxes-on-the-pc-port-of-the-last-of-us-part-ii-we-take-the (https://gameinformer.com/interview/2025/04/01/naughty-dog-and-nixxes-on-the-pc-port-of-the-last-of-us-part-ii-we-take-the) https://www.pcguide.com/news/steam-deck-support-is-so-important-says-the-last-of-us-part-2-pc-project-director/ (https://www.pcguide.com/news/steam-deck-support-is-so-important-says-the-last-of-us-part-2-pc-project-director/) MPV 0.40 Released https://mpv.io/ (https://mpv.io/) https://github.com/mpv-player/mpv/releases/tag/v0.40.0 (https://github.com/mpv-player/mpv/releases/tag/v0.40.0) https://www.phoronix.com/news/MPV-0.40-Released (https://www.phoronix.com/news/MPV-0.40-Released) https://9to5linux.com/mpv-0-40-open-source-video-player-released-with-native-hdr-support-on-linux (https://9to5linux.com/mpv-0-40-open-source-video-player-released-with-native-hdr-support-on-linux) Sandfly Security [ad] https://thisweekinlinux.com/sandfly (https://thisweekinlinux.com/sandfly) https://destinationlinux.net/409 (https://destinationlinux.net/409) discount code: destination50 (Home Edition) AmigaOS still exists and getting updates apparently https://www.hyperion-entertainment.com/index.php/news/1-latest-news/320-new-update-3-for-amigaos-32-available-for-download (https://www.hyperion-entertainment.com/index.php/news/1-latest-news/320-new-update-3-for-amigaos-32-available-for-download) https://www.theregister.com/2025/04/10/amigaos32_3/ (https://www.theregister.com/2025/04/10/amigaos_3_2_3/) TUXEDO Provides Update On Their Snapdragon X Elite Linux Laptop https://www.tuxedocomputers.com/en/How-is-TUXEDOCOes-ARM-Notebook-Coming-Along.tuxedo (https://www.tuxedocomputers.com/en/How-is-TUXEDOCOes-ARM-Notebook-Coming-Along.tuxedo) https://www.qualcomm.com/products/mobile/snapdragon/laptops-and-tablets/snapdragon-x-elite (https://www.qualcomm.com/products/mobile/snapdragon/laptops-and-tablets/snapdragon-x-elite) https://www.linaro.org/ (https://www.linaro.org/) https://www.phoronix.com/news/TUXEDO-Snapdragon-Laptop-Update (https://www.phoronix.com/news/TUXEDO-Snapdragon-Laptop-Update) OpenSSL 3.5 Released https://openssl-library.org/ (https://openssl-library.org/) https://github.com/openssl/openssl/releases/tag/openssl-3.5.0 (https://github.com/openssl/openssl/releases/tag/openssl-3.5.0) https://lwn.net/Articles/1016851/ (https://lwn.net/Articles/1016851/) https://9to5linux.com/openssl-3-5-released-with-support-for-pqc-algorithms-server-side-quic (https://9to5linux.com/openssl-3-5-released-with-support-for-pqc-algorithms-server-side-quic) https://www.phoronix.com/news/OpenSSL-3.5-Released (https://www.phoronix.com/news/OpenSSL-3.5-Released) OpenSSH 10.0 Released https://www.openssh.com/ (https://www.openssh.com/) https://www.openssh.com/releasenotes.html#10.0p1 (https://www.openssh.com/releasenotes.html#10.0p1) https://www.phoronix.com/news/OpenSSH-10.0-Released (https://www.phoronix.com/news/OpenSSH-10.0-Released) https://lwn.net/Articles/1016924/ (https://lwn.net/Articles/1016924/) Support the show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)

I'm joined by guests Rob Hamilton & Vivek to go through the list.Housekeeping (00:01:18) Unleashed.chat rebrands to dataMachineUrgent Vulnerability Disclosures (00:01:52) Private key leak via malformed ECDSA input (00:09:12) ESP32 Security Concerns (00:21:32) Coinos revokes NWC connection secretsVivek's Corner (00:22:51) Invalid mining jobs by AntPool & friends during forksBitcoin • Software Releases & Project Updates (00:37:44) COLDCARD (00:52:47) Sparrow Wallet (00:54:33) Lark (00:55:03) Krux (00:56:37) Cove Wallet (00:59:09) Nunchuk Desktop (01:00:32) BTCPayServer (01:00:44) Bitcoin Keeper (01:01:25) BlueWallet (01:02:08) Bitcoin Safe (01:03:15) Bitkey App (01:04:05) libwally-core (01:06:00) Bisq2 (01:06:04) RoboSats (01:06:08) Boltz Exchange (01:06:10) Zaprite (01:06:13) Blockstream Explorer API (01:07:22) Mempal (01:07:29) Iris Wallet desktop (01:07:31) Utreexo (01:07:34) ESP Miner• Project Spotlight (01:07:38) Reorg Calculator (01:07:51) Bitcoin Core Config Generator (01:09:05) Bitcoin Core Snapshots (01:09:11) Boot Protocol (01:09:18) multisig-backup (01:09:58) Wallet backup (01:10:04) regtest-in-a-podVulnerability Disclosures (01:11:56) JavaScript injection attack (01:15:05) Malicious PyPI package 'set-utils' steals Ethereum private keys (01:16:57) OpenSSH vulnerabilities expose clients and servers to attacks (01:17:05) USB side-channel attacks (01:17:37) Cellebrite (01:17:49) Messengers vulnerabilities (01:17:56) GitVenom (01:18:10) Stablecoin payment firm Infini loses $50M in exploit (01:18:18) Five dollar wrench attacksAudience Questions (01:20:00) Comment on a flaw in Bitcoin Core regarding mining pools and their vulnerability against block withholding attacksNostr • Project spotlight (01:22:32) 24242.io (01:22:49) nostr.media (01:22:58) Frostr (01:23:33) nostr-double-ratchet (01:23:44) DVMCP (01:23:53) Samiz (01:24:00) Welshman (01:24:09) Norma (01:24:20) Wallet Relay (01:24:27) Nostr0 (01:24:35) nAuth Protocol (01:24:43) HostrBoosts (01:25:36) Shoutout to top boosters @sean, @pink monkey, @Anonymous, @martinbarilik, @Momo Tahmasbi & @jespada.Links & Contacts:Website: https://bitcoin.review/Substack: https://substack.bitcoin.review/Twitter: https://twitter.com/bitcoinreviewhqNVK Twitter: https://twitter.com/nvkTelegram: https://t.me/BitcoinReviewPodEmail: producer@coinkite.comNostr & LN: ⚡nvk@nvk.org (not an email!)Full show notes: https://bitcoin.review/podcast/episode-93

השבוע בתוכנית:•

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Telecom systems. What are those Chinese "Salt Typhoon" hackers doing to get in? The largest (by far) cryptocurrency heist in history occurred Friday. Ex-NSA head says the U.S. is falling behind on the cyber front lines. We have the winner (and a good one) replacement term for "backdoor". A look at a pathetic access control system that begs to be hacked (and will be). Show Notes - https://www.grc.com/sn/SN-1014-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security joindeleteme.com/twit promo code TWIT uscloud.com canary.tools/twit - use code: TWIT

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Telecom systems. What are those Chinese "Salt Typhoon" hackers doing to get in? The largest (by far) cryptocurrency heist in history occurred Friday. Ex-NSA head says the U.S. is falling behind on the cyber front lines. We have the winner (and a good one) replacement term for "backdoor". A look at a pathetic access control system that begs to be hacked (and will be). Show Notes - https://www.grc.com/sn/SN-1014-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security joindeleteme.com/twit promo code TWIT uscloud.com canary.tools/twit - use code: TWIT

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Telecom systems. What are those Chinese "Salt Typhoon" hackers doing to get in? The largest (by far) cryptocurrency heist in history occurred Friday. Ex-NSA head says the U.S. is falling behind on the cyber front lines. We have the winner (and a good one) replacement term for "backdoor". A look at a pathetic access control system that begs to be hacked (and will be). Show Notes - https://www.grc.com/sn/SN-1014-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security joindeleteme.com/twit promo code TWIT uscloud.com canary.tools/twit - use code: TWIT

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Telecom systems. What are those Chinese "Salt Typhoon" hackers doing to get in? The largest (by far) cryptocurrency heist in history occurred Friday. Ex-NSA head says the U.S. is falling behind on the cyber front lines. We have the winner (and a good one) replacement term for "backdoor". A look at a pathetic access control system that begs to be hacked (and will be). Show Notes - https://www.grc.com/sn/SN-1014-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security joindeleteme.com/twit promo code TWIT uscloud.com canary.tools/twit - use code: TWIT

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Telecom systems. What are those Chinese "Salt Typhoon" hackers doing to get in? The largest (by far) cryptocurrency heist in history occurred Friday. Ex-NSA head says the U.S. is falling behind on the cyber front lines. We have the winner (and a good one) replacement term for "backdoor". A look at a pathetic access control system that begs to be hacked (and will be). Show Notes - https://www.grc.com/sn/SN-1014-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security joindeleteme.com/twit promo code TWIT uscloud.com canary.tools/twit - use code: TWIT

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Telecom systems. What are those Chinese "Salt Typhoon" hackers doing to get in? The largest (by far) cryptocurrency heist in history occurred Friday. Ex-NSA head says the U.S. is falling behind on the cyber front lines. We have the winner (and a good one) replacement term for "backdoor". A look at a pathetic access control system that begs to be hacked (and will be). Show Notes - https://www.grc.com/sn/SN-1014-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security joindeleteme.com/twit promo code TWIT uscloud.com canary.tools/twit - use code: TWIT

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Telecom systems. What are those Chinese "Salt Typhoon" hackers doing to get in? The largest (by far) cryptocurrency heist in history occurred Friday. Ex-NSA head says the U.S. is falling behind on the cyber front lines. We have the winner (and a good one) replacement term for "backdoor". A look at a pathetic access control system that begs to be hacked (and will be). Show Notes - https://www.grc.com/sn/SN-1014-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security joindeleteme.com/twit promo code TWIT uscloud.com canary.tools/twit - use code: TWIT

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in OpenSSH. The U.S. seems unable to evict Chinese attackers from its Telecom systems. What are those Chinese "Salt Typhoon" hackers doing to get in? The largest (by far) cryptocurrency heist in history occurred Friday. Ex-NSA head says the U.S. is falling behind on the cyber front lines. We have the winner (and a good one) replacement term for "backdoor". A look at a pathetic access control system that begs to be hacked (and will be). Show Notes - https://www.grc.com/sn/SN-1014-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security joindeleteme.com/twit promo code TWIT uscloud.com canary.tools/twit - use code: TWIT

Enjoying the content? Let us know your feedback!We are continuing with part 2 of "Behind the Login Screen - Understanding OS Authentication." If you missed our first episode, I highly recommend giving it a listen before diving into today's content. In part one, we started to explore the fascinating world of operating system authentications, focusing on Windows, Linux/Unix, and Mac OS. We discussed how hashes are used in authentication, the concept of salt in passwords, rainbow table attacks. In today's episode, we'll build on that foundation and delve even deeper into the topic of OS authentication mechanisms. So again, if you haven't already, make sure to catch up on part one to get the full picture.Now, let's get started with part two of our journey into the world of OS authentication! lets look at one of the trending security news this week, and that is:- Newly discovered OpenSSH vulnerabilities.- https://blog.qualys.com: Qualys TRU Discovers Two Vulnerabilities in OpenSSH: CVE-2025-26465 & CVE-2025-26466- https://learn.microsoft.com: Kerberos Authentication OverviewBe sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

Cyber Security Today: OpenSSH Vulnerabilities and Black Stash's Stolen Cards In this episode, host Jim Love discusses two significant OpenSSH vulnerabilities that risk man-in-the-middle and denial-of-service attacks. The hacker group Black Stash has released 4 million stolen credit cards for free, potentially enticing further illegal activities. Palo Alto Networks' firewalls face active attacks, with multiple CVEs allowing privilege escalation and bypassing authentication. Critical updates and secure management practices are emphasized to protect systems. 00:00 Introduction and Headlines 00:21 OpenSSH Vulnerabilities Explained 02:39 BlackStash's Stolen Credit Card Dump 04:40 Palo Alto Networks Under Attack 06:21 Conclusion and Contact Information

Credential theft puts sensitive corporate and military networks at risk. A federal judge refuses to block DOGE from accessing sensitive federal data. New York-based Insight Partners confirms a cyber-attack. BlackLock ransomware group is on the rise. OpenSSH patches a pair of vulnerabilities. Russian threat actors are exploiting Signal's “Linked Devices” feature. Over 12,000 GFI KerioControl firewalls remain exposed to a critical remote code execution (RCE) vulnerability.CISA issued two ICS security advisories. Federal contractors pay $11 million in cybersecurity noncompliance fines. In our CertByte segment, Chris Hare is joined by Steven Burnley to break down a question targeting the ISC2® SSCP - Systems Security Certified Practitioner exam.Sweeping cybercrime reforms are unveiled by…Russia? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K's suite of industry-leading certification resources, for the past 25 years, N2K's practice tests have helped more than half a million IT and cyber security professionals reach certification success. Have a question that you'd like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Additional source: https://www.isc2.org/certifications/sscp    Selected Reading Hundreds of US Military and Defense Credentials Compromised (Infosecurity Magazine) DOGE Team Wins Legal Battle, Retains Access to Federal Data (GovInfo Security) Musk Ally Demands Admin Access to System That Lets Government Text the Public (404 Media) Cyber Investor Insight Partners Suffers Security Breach (Infosecurity Magazine) BlackLock On Track to Be 2025's Most Prolific Ransomware Group (Infosecurity Magazine) Qualys reports two flaws in OpenSSH, one critical DDoS (Beyond Machines) Russian phishing campaigns exploit Signal's device-linking feature (Bleeping Computer) Over 12,000 KerioControl firewalls exposed to exploited RCE flaw (Bleeping Computer) CISA Releases Two New ICS Advisories Exploits Following Vulnerabilities (Cyber Security News) Managed healthcare defense contractor to pay $11 million over alleged cyber failings (The Record) Russian Government Proposes Stricter Penalties to Tackle Cybercrime (GB Hackers)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

ModelScan: Protection Against Model Serialization Attacks ModelScan is a tool to inspect AI models for deserialization attacks. The tool will detect suspect commands and warn the user. https://isc.sans.edu/diary/ModelScan%20-%20Protection%20Against%20Model%20Serialization%20Attacks/31692 OpenSSH MitM and DoS Vulnerabilities OpenSSH Patched two vulnerabilities discovered by Qualys. One may be used for MitM attack in specfic configurations of OpenSSH. https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt Juniper Authentication Bypass Juniper fixed an authentication bypass vulnerability that affects several prodcuts. The patch was released outside the normal patch schedule. https://supportportal.juniper.net/s/article/2025-02-Out-of-Cycle-Security-Bulletin-Session-Smart-Router-Session-Smart-Conductor-WAN-Assurance-Router-API-Authentication-Bypass-Vulnerability-CVE-2025-21589?language=en_US DELL BIOS Patches DELL released BIOS updates fixing a privilege escalation issue. The update affects a large part of Dell's portfolio https://www.dell.com/support/kbdoc/en-en/000258429/dsa-2025-021

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now Microsoft reminds admins to prepare for WSUS driver sync deprecation Zwipe runs out of time for biometric card revenues, files for bankruptcy Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That's www.scrut.io.

VC giant Insight Partners gets social engineered, OpenSSH patches an attacker-in-the-middle bug, Ecuador's parliament hit by cyberattacks, and a Monero zero-day awaits a patch. Show notes

Referências do Episódio Qualys Security Advisory - CVE-2025-26465: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client | CVE-2025-26466: DoS attack against OpenSSH's client and server An Update on Fake Updates: Two New Actors, and New Mac Malware StaryDobry ruins New Year's Eve, delivering miner instead of presents Invisible obfuscation technique used in PAC attackRoteiro e apresentação: Carlos Cabral e Bianca OliveiraEdição de áudio: Paulo ArruzzoNarração de encerramento: Bianca Garcia

In this episode of the SANS Internet Storm Center's Stormcast, we cover critical vulnerabilities affecting OpenSSH, BeyondTrust, and Nuclei, including the newly discovered "RegreSSHion" flaw and a bypass vulnerability in Nuclei. We also discuss how malware evasion techniques can impact analysis environments and highlight the dangers of fake exploits targeting researchers. Tune in for insights on patching, mitigation strategies, and staying ahead of emerging threats. Topics Covered: Make Malware Happy https://isc.sans.edu/diary/Make%20Malware%20Happy/31560 A look at how malware adapts and detects analysis environments, and why replicating operational settings is critical during malware analysis. Nuclei Signature Verification Bypass (CVE-2024-43405) https://www.wiz.io/blog/nuclei-signature-verification-bypass A critical vulnerability in Nuclei allows malicious templates to bypass signature verification, risking arbitrary code execution. Critical Vulnerability in BeyondTrust (CVE-2024-12356) https://censys.com/cve-2024-12356/ A high-risk flaw in BeyondTrust products allows unauthenticated OS command execution, posing a significant threat to privileged access systems. RegreSSHion Code Execution Vulnerability (CVE-2024-6387) https://cybersecuritynews.com/regresshion-code-execution-vulnerability/ OpenSSH vulnerability "RegreSSHion" enables remote code execution, and fake exploits targeting security researchers are in circulation.

Send us a textStruggling with CompTIA Security+ exam questions? You're not alone. In this episode, I'm going to walk you through a couple of questions you might see on the Security+ SY0-701 exam that test your knowledge of how to improve back-end scalability, and how a pentester moves within a network after compromising a server.I'll break down the right answers and explain why each option works or doesn't. By the end, you'll know how to recognize similar patterns in your own exam. If you're getting ready for Security+, this is for you.There's a video version of this episode with visual explanations on YouTube here:For question 17 in this episode, here's the Nmap input command:INPUT********nmap -sV -p 1-65535 -T4 192.168.1.0/24********and the sample Nmap output: OUTPUT********Nmap scan report for 192.168.1.100 (Server B)Host is up (0.00044s latency).Not shown: 65532 closed portsPORT      STATE SERVICE       VERSION22/tcp    open  ssh           OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0)80/tcp    open  http          Apache httpd 2.4.7 ((Ubuntu))443/tcp   open  https         Apache httpd 2.4.7 ((Ubuntu))********Good luck with your CompTIA Security+ SY0-701 exam! You can do it!

Luis Rodríguez, CTO of Xygeni.io, joins host Robert Blumen for a discussion of the recently thwarted attempt to insert a backdoor in the SSH (Secure Shell) daemon. OpenSSH is a popular implementation of the protocol used in major Linux distributions for authentication over a network. Luis describes how a backdoor in a supporting library was recently discovered and removed before the package was published to stable releases of the Linux distros. The conversation explores the mechanism of the attack through modifying a function table in the runtime; how the attack was inserted during the build; how the attack was carefully staged in a series of modifications to the lz compression library; the nature of “Jia Tan,” the entity who committed the changes to the open source project; social engineering that the entity used to gain the trust of the open source community; what forensics indicates about the location of the entity; hypotheses about whether criminal or state actors backed the entity; how the attack was detected; implications for other open source projects; why traditional methods for detecting exploits would not have helped find this; and lessons learned by the community. Brought to you by IEEE Computer Society and IEEE Software magazine.

Welcome to episode 268 of the Cloud Pod Podcast – where the forecast is always cloudy! Justin says he's in India, but we know he's really been replaced by Skynet. Jonathan, Matthew, and Ryan are here in his stead to bring all the latest cloud news, including PGO for optimization, a Linux vulnerability, CloudFront's new managed policies, and even a frank discussion about whether or not the AI Hype train has officially left the station. Sit back and enjoy!  Titles we almost went with this week: OpenSSH sings “Oops I did it again” All aboard, the AI hype train is leaving the station Caching In on CloudFront’s New Managed Policies  Get your Go Apps a personal trainer this summer with PGO Was Japan actually using floppy disks or were they 3.5 Azure is on summer break Singapore will soon just be datacenters A big thanks to this week's sponsor: We're sponsorless! Want to reach a dedicated audience of cloud engineers? Send us an email or hit us up on our Slack Channel and let's chat!  General News 00:56 Japan declares victory in effort to end government use of floppy disks Here’s a bit of tech nostalgia meets modernization for you!  Japan’s government has finally phased out the use of floppy disks in all its systems.  The Digital Agency has scrapped over 1,000 regulations related to their use, marking a significant step in their efforts to update government technology. Digital Minister Taro Kono, who’s been on a mission to modernize Japan’s government tech, announced this victory last week. It’s part of a larger push to digitize Japan’s notoriously paper-heavy bureaucracy, which became glaringly apparent during the COVID-19 pandemic. Japan’s digitization efforts have hit some bumps along the way, including issues with a contact-tracing app and slow adoption of their digital ID system.  It’s a reminder that modernizing legacy systems isn’t just about replacing old hardware – it’s a complex process that involves changing long-standing processes and especially mindsets. 02:36 Jonathan – “Yeah, I remember a couple of years ago they started talking about this modernization they were doing and people started to panic because Japan’s the largest purchaser of floppy disks anymore, or three and a half inch disks anyway. And so I ended up buying some because I’ve still got a USB floppy drive and some machines that have floppy disks. And I wanted just to stock up on some for the future, just in case the price went through the roof if Japan finally cut them and they have.” 05:16 regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server  The Qualys Threat Research Unit just dropped a bombshell – they’ve discovered a remote code execution vulnerability in OpenSSH that affects millions of Linux systems. The vulnerability, dubbed “regreSSHion,” allows unauthenticated attackers to execute code as root on vulnerable system

regreSSHion vulnerability, Improving and debugging FreeBSDs Intel wifi support, FreeBSD adds an implementation of the 9P filesystem, FreeBSD Zero to Desktop Speedrun Challenge, Why and how to run your own FreeBSD package cache, Game of Trees Hub, Why Does FreeBSD Default to Csh/Tcsh, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt) and OpenBSD 9.8 (https://undeadly.org/cgi?action=article;sid=20240701102851) Improving and debugging FreeBSDs Intel wifi support (https://freebsdfoundation.org/blog/improving-and-debugging-freebsds-intel-wi-fi-support-cheng-cuis-key-role-in-the-iwlwifi-project/) FreeBSD adds an implementation of the 9P filesystem (https://cgit.freebsd.org/src/commit/?id=e97ad33a89a78f55280b0485b3249ee9b907a718) News Roundup FreeBSD Zero to Desktop Speedrun Challenge (https://vermaden.wordpress.com/2024/04/05/freebsd-zero-to-desktop-speedrun-challenge/) Why and how to run your own FreeBSD package cache (https://blog.rlwinm.de/why-and-how-to-run-your-own-freebsd-package-cache-3wbg) Game of Trees Hub: A Git Repository Hosting Service Based on OpenBSD (http://undeadly.org/cgi?action=article;sid=20240621074337) Why Does FreeBSD Default to Csh/Tcsh? Exploring Its Advantages (https://lobste.rs/s/iuzuge/why_does_freebsd_default_csh_tcsh) AI-assisted computer interfaces of the future (https://whynothugo.nl/journal/2023/03/23/ai-assisted-computer-interfaces-of-the-future/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

On episode 272 of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a variety of pressing cybersecurity topics. These include the responsibilities of CISOs in avoiding legal repercussions following data breaches, highlighted by the case of Uber's former CISO, Joe Sullivan. The hosts also delve into the impact of the recent U.S. Supreme Court decision overturning the Chevron deference doctrine on cybersecurity regulations, the risk of dynamic loading of JavaScript libraries, and the wide-reaching implications of the OpenSSH regression vulnerability. Throughout, practical advice and insightful commentary are provided on maintaining security in an ever-evolving threat landscape. 00:00 Introduction and Episode Overview 01:08 CISO's Guide to Avoiding Jail After a Breach 03:29 Challenges and Complexities of the CISO Role 13:35 US Supreme Court Ruling and Its Impact on Cyber Regulation 20:51 Polyfill.io Issue: A Modern Supply Chain Attack? 28:54 Understanding Polyfill Confusion and Risks 29:23 Maintaining Open Source Software Health 30:04 The Need for Open Source Health Ratings 30:41 Challenges with Third-Party Code and Security 34:08 Vendor Questionnaires and False Urgency 39:50 The Regression Vulnerability in OpenSSH 41:18 Cloud Security Best Practices 48:29 Final Thoughts and Recommendations 49:52 Conclusion and Farewell

Bats in your headset, Windows Wifi driver vulnerabilities, Logitech's dongles, lighthttpd is heavy with vulnerabilities, node-ip's not vulnerability, New Intel CPU non-attacks, Blast Radius, Flipper Zero alternatives, will OpenSSH be exploited, emergency Juniper patches, and the D-Link botnet grows. Iceman comes on the show to talk about RFID and NFC hacking including the tools, techniques, and hardware. We'll also talk about the ethics behind the disclosure of vulnerabilities and weaknesses in these systems that are used in everything from building access to cars. Segment Resources: Youtube channel - https://www.youtube.com/@iceman1001 Proxmark3 forums - http://www.proxmark.org/forum/index.php Proxmark3 Repository - https://github.com/rfidresearchgroup/proxmark3 Awesome RFID talks - https://github.com/doegox/awesome-rfid-talks Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-834

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.Likely the biggest password leak ever: nearly 10 billion credentials exposed.Eldorado is a newly discovered ransomware-as-a-service operation targeting both Windows and Linux systems. OVHcloud has reported mitigating a record-breaking distributed denial-of-service attack that peaked at 840 million packets per second.Cisco has issued a warning about a critical remote code execution vulnerability named "regreSSHion," tracked as CVE-2024-6387, affecting OpenSSH on glibc-based Linux systems. In the first half of 2024, cryptocurrency thefts amounted to $1.4 billion, significantly driven by rising crypto prices and a few large-scale attacks.

Sandy Carielli and Janet Worthington, authors of the State Of Application Security 2024 report, join us to discuss their findings on trends this year! Old vulns, more bots, and more targeted supply chain attacks -- we should be better at this by now. We talk about where secure design fits into all this why appsec needs to accelerate to ludicrous speed. Segment resources https://www.forrester.com/blogs/ludicrous-speed-because-light-speed-is-too-slow-to-secure-your-apps/ They're also conducting a survey on how orgs use Top 10 lists. Provide your response at https://forrester.co1.qualtrics.com/jfe/form/SV_9Z7ARUQjuzNQf0q Polyfill loses trust after CDN misuse, an OpenSSH flaw reappears, how to talk about secure design from some old CocoaPods vulns, using LLMs to find bugs, Burp Proxy gets more investment, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-290

In this episode I cover provide updates on some major breaches, I talk about a recently disclosed OpenSSH vulnerability due to a regression, some new Microsoft feature releases plus more! Reference Links: https://www.rorymon.com/blog/openssh-vulnerability-disclosed-windows-365-dr-feature-nintendo-gives-ai-a-miss/

We dig into the RegreSSHion bug, debate it's real threat and explore clever tools to build a tasty fried onion around your system.Sponsored By:Core Contributor Membership: Take $1 a month of your membership for a lifetime!Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX UnpluggedLinks:

We take a victory lap for Linux, Cover the SSH vulnerability in great detail, and discuss Fedora's proposal to include opt-in telemetry. KDE ships an update, Nexus Mods is coming to Linux, and Meta has a clever link time optimization approach for the kernel. For tips, we have inxi for better system info, rolldice for all your command line dice rolling needs, dvtm and abduco for simple terminal splitting and detaching, and ollama for running LLMs locally. You can find the show notes at https://bit.ly/3VWzJ7X Back next week! Host: Jonathan Bennett Co-Hosts: Jeff Massie, Rob Campbell, and David Ruggles Want access to the video version and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Josh and Kurt talk about the recent OpenSSH vulnerability and the node-ip project owner taking their project private. They're quasi related in the context of two open source projects handled bugs very differently. The OpenSSH bug isn't really as serious as it seems, but you still want to patch. The node-ip bug is a very different story. The relationship between users and open source developers is one experiencing more strain now than we've ever seen. It's a weird conversation and we don't have good answers. Security in general is a collection of unsolvable problems. Show Notes Qualys security advisory Hacker News Discussion Security Cryptography Whatever Dev rejects CVE severity, makes his GitHub repo read-only

The 'Three Buddy Problem' Podcast Episode 3: Former NSA computer scientist Dave Aitel (Immunity Inc., Cordyceps Systems) joins Juan Andres Guerrero-Saade for a frank discussion on the OpenSSH unauthenticated remote code execution vulnerability and the challenges around patching and exploitation, the CISA 'secure-by-design' pledge and its impact on software vendor practices, Microsoft lobbying and the CSRB report, and changing face of government's attempts at cybersecurity regulations. We discuss the disruption caused by political changes and the potential implications for cybersecurity policies, impact from the Supreme Court Chevron ruling, security regulations and the challenges of writing laws for future technology, the role of CISA and its accomplishments, the debate around offensive cyber operations and the responsibility of companies like Google in addressing vulnerabilities. The need for clear separation between counterterrorism and espionage operations is highlighted, as well as the importance of understanding both defensive and offensive perspectives. Costin Raiu is on vacation.

The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT panoptica.app lookout.com

On this week's show, Patrick Gray and Adam Boileau discuss the week's security news, including: Widely used polyfill javascript gets hijacked by its new owners MacOS supply chain disaster bullet dodged That OpenSSH remote code exec OH MY

The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT panoptica.app lookout.com

The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT panoptica.app lookout.com

The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT panoptica.app lookout.com

The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT panoptica.app lookout.com

The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust Show Notes - https://www.grc.com/sn/SN-981-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bigid.com/securitynow joindeleteme.com/twit promo code TWIT panoptica.app lookout.com

A new OpenSSH vulnerability affects Linux systems. The Supreme Court sends social media censorship cases back to the lower courts. Chinese hackers exploit a new Cisco zero-day. HubSpot investigates unauthorized access to customer accounts. Japanese media giant Kadokawa confirmed data leaks from a ransomware attack. FakeBat is a popular malware loader. Volcano Demon is a hot new ransomware group. Google launches a KVM hypervisor bug bounty program.  Johannes Ullrich from SANS Technology Institute discusses defending against API attacks. Goodnight, Sleep Tight, Don't Let the Hackers Byte! Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest is Johannes Ullrich from SANS Technology Institute talking about defending against attacks affecting APIs and dangerous new attack techniques you need to know about. This conversation is based on Johannes' presentations at the 2024 RSA Conference. You can learn more about them here:  Attack and Defend: How to Defend Against Three Attacks Affecting APIs The Five Most Dangerous New Attack Techniques You Need to Know About Selected Reading New regreSSHion OpenSSH RCE bug gives root on Linux servers (Bleeping Computer) US Supreme Court sidesteps dispute on state laws regulating social media (Reuters) China's ‘Velvet Ant' hackers caught exploiting new zero-day in Cisco devices (The Record) HubSpot accounts breach under investigation (SC Media) Japanese anime and gaming giant admits data leak following ransomware attack (The Record) Exposing FakeBat loader: distribution methods and adversary infrastructure (Sekoia.io blog) Halcyon Identifies New Ransomware Operator Volcano Demon Serving Up LukaLocker (Halcyon) Google launches Bug Bounty Program for KVM Hypervisor (Stack Diary) How to Get Root Access to Your Sleep Number Bed (Dillan Mills) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

https://youtu.be/p_zv9TEIZO0 This week on the podcast, we cover OpenSSH's recent critical vulnerability and what it means for systems administrators. Before that, we discuss the CDK Global ransomware attack impacting car dealerships across the us, a Korean internet service provider delivering malware to their customers, and a takeover of a popular JavaScript library gone hostile.

In today's episode, we discuss TeamViewer's security breach by Midnight Blizzard, who extracted encrypted employee credentials but left customer data untouched (https://www.cybersecuritydive.com/news/teamviewers-breached-employee-credentials/720306/). We also cover Cisco's response to a zero-day flaw in NX-OS exploited by the Velvet Ant cyberespionage group to install custom malware (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP). Additionally, we explore the critical OpenSSH vulnerability, "regreSSHion," putting 700,000 servers at risk of remote code execution attacks (https://www.cybersecuritydive.com/news/openssh-remote-code-cve/720315/). Video Episode: https://youtu.be/sX082aW6clg Sign up for digestible cyber news delivered to your inbox: news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags TeamViewer, Midnight Blizzard, breach, cyber threats, cybersecurity, employee data, network security, Velvet Ant, Cisco, NX-OS, CVE-2024-20399, vulnerability, OpenSSH servers, remote code execution, Qualys Search Phrases TeamViewer breach by Midnight Blizzard Midnight Blizzard cyber attack TeamViewer data security incident Velvet Ant Cisco NX-OS vulnerability Cisco NX-OS zero-day exploit CVE-2024-20399 patch details Critical OpenSSH server vulnerability Qualys remote code execution vulnerability Securing OpenSSH servers against regreSSHion Modern cybersecurity threats 2024

Results from the 2024 FreeBSD Community Survey Report, What is Computer Science? ~1967, Computation Poems, Old Info, but still good -- HOWTO: Set up and configure security/sshguard-pf, observium-freebsd-install, FreeBSD Tips and Tricks: Native Read-Only Root File System, OpenSSH introduces options to penalize undesirable behavior, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Results from the 2024 FreeBSD Community Survey Report (https://freebsdfoundation.org/blog/results-from-the-2024-freebsd-community-survey-report/) What is Computer Science? ~1967 (https://www.cs.cmu.edu/~choset/whatiscs.html) News Roundup Computation Poems (https://nickm.com/poems/) Old Info, but still good -- HOWTO: Set up and configure security/sshguard-pf (https://forums.FreeBSD.org/threads/howto-set-up-and-configure-security-sshguard-pf.39196/) observium-freebsd-install (https://github.com/pmhausen/observium-freebsd-install) FreeBSD Tips and Tricks: Native Read-Only Root File System (https://it-notes.dragas.net/2024/05/31/freebsd-tips-and-tricks-native-ro-rootfs/) OpenSSH introduces options to penalize undesirable behavior (http://undeadly.org/cgi?action=article;sid=20240607042157) Beastie Bits A Unix* Primer (https://archive.org/details/unixprimer0000lomu/mode/2up) Running Xvnc through the INETD (https://bugs.dragonflybsd.org/issues/3300#change-14548) ifconfig (https://man.ifconfig.se/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

We will discuss LLM security in general and some of the issues covered in the OWASP Top 10 for LLMs! Segment Resources: https://genai.owasp.org/ Skyrocketing IoT vulnerabilities, bricked computers?, MACBORG!, raw dogging source code, PHP strikes again and again, if you have a Netgear WNR614 replace it now, Arm Mali, new OpenSSH feature, weird headphones, decrypting firmware, and VPNs are still being hacked! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-832

Kaspersky has released a virus scanner for Linux; should you run it? OpenBSD finally has Wayland support, OBS has a new Beta, and WSL leans into the Hypervisor. Then there's Gnome, which sort of worries us. Then for tips we've got gping for a snazzy ping tui, iVentoy for a selectable PXE boot, devicetree options in Grub, and hostnamectl. The show notes are at https://bit.ly/4aSADaP and we will see you next time! Host: Jonathan Bennett Co-Hosts: Rob Campbell, Ken McDonald, and David Ruggles Want access to the video version and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US Malicious Go Binary Delivered via Steganography in PyPi https://blog.phylum.io/malicious-go-binary-delivered-via-steganography-in-pypi/

Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US Malicious Go Binary Delivered via Steganography in PyPi https://blog.phylum.io/malicious-go-binary-delivered-via-steganography-in-pypi/

Leo Laporte shows off another one of his recent Instagram purchases. Can you send out text messages similarly to a BCC email? Gmail turns 20! Plus, Scott Wilkinson joins the show to talk with Leo and Mikah Sargent about physical media and how often one wants to watch older movies. An accidental discovery of a backdoor likely prevented thousands of infections. The great rewiring: is social media really behind an epidemic of teenage mental illness? What is My Ping Tag? Can I text multiple people on an iPhone to function similarly to a BCC email? With the changing landscape of broadcast television, a caller wants to know if Leo and MIkah think that traditional TV is dying. Scott Wilkinson and March 2024's Home Theater of the Month. 20 years of Gmail. How long can I continue to safely use an older version of an app on my phone? Is there a way to backup photos without using a laptop? With the discontinuation of Echo Connect, is there a similar service or process to announce phone calls and allow calls to be initiated by voice? What hard drives should I get when purchasing a Synology NAS? What's a good Linux OS to install on an older computer? Why are certain shows on my YouTube TV recordings quieter than others? Hosts: Leo Laporte and Mikah Sargent Guest: Scott Wilkinson Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Show notes and links for this episode are available at: https://twit.tv/shows/ask-the-tech-guys/episodes/2018 Download or subscribe to this show at: https://twit.tv/shows/ask-the-tech-guys Sponsors: zscaler.com/zerotrustAI wix.com/studio joindeleteme.com/twit promo code TWIT ecamm.com/twit or use Promo Code TWIT