The good news is there's already a patch. The bad news is that the fix isn't available for all Linux distributions yet. Here's what you can do in the meantime.
It is more important than ever to introduce geo-ip conditional access on your network(s). That way you limit your attack surface by a significant margin.
Oh FFS, the rest of my life is doomed to be spent updating software
It is more important than ever to introduce geo-ip conditional access on your network(s). That way you limit your attack surface by a significant margin.
My personal stuff 100%
For work? No such choice (apart from the obvious ones)
Your work most likely already has conditional access through MS Entra
Not a Microsoft shop, but yes, they have a pretty extensive IDS for anything public-facing, and another company to handle internal auth
🌏🧑‍🚀🔫🧑‍🚀
Always has been!
But careful not to update too fast and fall on the supply chain attack of the week.
Pretty sure that was in the Bible.
Proverbs 25:16 - If you find honey, eat just enough - too much of it, and you will vomit.
Could update that to be: If you find updates, apply them - too soon though, and you will vomit your credentials.
That’s difficult. OpenSSH is coded in C, not JS.
That’s what we call job security, I suppose.