Softpedia – (International) GitHub forced to disable search after exposing private SSH keys. GitHub disabled its new search function after it returned results that included private Secure Shell (SSH) keys used by several Web sites.
IDG News Service – (International) Web server hackers install rogue Apache modules and SSH backdoors, researchers say. Researchers from Securi reported that a group of attackers using rogue Apache modules has been replacing Secure Shell (SSH) binary files in compromised servers with backdoored versions that collect user information and passwords from incoming and outgoing SSH connections.
Source: http://www.networkworld.com/news/2013/012413-web-server-hackers-install-rogue-266121.html
Krebs on Security – (International) Backdoors found in Barracuda Networks gear. Various spam filters, firewalls, and VPN appliances sold by Barracuda Networks contain undocumented backdoor accounts that could be remotely accessed via secure shell (SSH) and are accessible to hundreds of non-Barracuda companies, the vendor acknowledged.
Source: http://krebsonsecurity.com/2013/01/backdoors-found-in-barracuda-networks-gear/
InformationWeek – (International) Security flaws leave networked printers open to attack. A security researcher discovered flaws in Hewlitt-Packard’s JetDirect printer networking software which can be used to bypass security controls, disable printers, or reprint previous documents.
Softpedia – (International) PayPal addresses blind SQL injection vulnerability after being notified by experts. About 5 months after being notified by cyber security experts, PayPal has fixed a security flaw on their Web site which was vulnerable to a Blind SQL Injection.
