SSH.COM Blog

Blog

Subscribe to Email Updates

We promise to send you awesome stuff you'll want to read more than once.

PAM Secure Shell governance

Malicious SSH client steals credentials masked as ...

Alert Logic researchers have discovered a malicious Secure Shell (SSH) client that uses Domain Name System (DNS) queries to transport Secure Shell login credentials which are stolen when an unsuspecting user provides them on the compromised client computer when connecting to Secure Shell servers. For more details on this malware, please visit Alert Logic’s page. 

Universal SSH Key Manager Privileged Access Management risk management Secure Shell governance

Universal SSH Key Manager® v. 2.3.0 – Mo’ Better K...

There are large numbers (even millions!) of unmanaged access credentials in practically every big enterprise network. Most of these credentials are SSH keys that are often self-provisioned by users. The lack of a central authority to oversee the process of issuing these credentials means there is no way to track credential lifecycles nor to ensure they are created according to policies and regulat...

PAM Secure Shell governance PAM bypass

5 ways to bypass PAM (Privileged Access Management...

So you have bought your expensive and extensive Privileged Access Management (PAM) solution. Controlling the access of users who deal with the most valuable information in your organization is generally a good idea. Now you are convinced that the access controls of your system administrators, database administrators, M2M connections and DevOps teams are securely in place. Unfortunately, we have ba...

open source SSH SSH hack threat Secure Shell governance vulnerability

Holy Seeping SCP!

Numerous IT media outlets, including The Register and Hacker News, reported earlier this week that serious vulnerabilities impacting several SCP (Secure Copy Protocol) clients have been discovered by a Finnish IT security researcher Harry Sintonen.

PCI DSS compliance Secure Shell governance PAM bypass

Top 3 PCI DSS compliance issues from weak Secure S...

The Payment Card Industry Data Security Standard (PCI DSS) is familiar to everyone in positions of responsibility in major finance companies, telcos, big box and online retailers and a host of other large organizations. Ensuring PCI DSS compliance is mandatory and fundamental in any organization that accepts, transmits or stores any cardholder data, regardless of the size or number of transactions...

identity and access management Privileged Access Management risk management Secure Shell governance

Is the board on board with who has access to missi...

As a board member, you’d be shocked to discover that one of your ex-employees still has access to the company email if she had left the company already a few months ago. You’d be even more shaken if you heard that the individual could also still access the company intranet.

Author

Want to be the first to know about new blog posts?

Fill in you email address and be the first to know about it. 

Subscribe to Email Updates

SSH.COM is one of the most trusted brands in cyber security.

We help major enterprises solve the security challenges of digital transformation. We design best-of-breed commercial solutions for secure access that help our customers win in the global data economy.

Read more about our SSH.COM

Latest posts from the SSH.COM blog