CSOonline

OpenSSH fixes flaws that enable man-in-the-middle, DoS attacks

Researchers from Qualys found two vulnerabilities that can be combined to bypass the server key verification in OpenSSH clients when the VerifyHostKeyDNS is used, allowing man-in-the-middle attackers ...
WeLiveSecurity

PlushDaemon compromises network devices for adversary-in-the-middle attacks

ESET researchers provide insights into how PlushDaemon performs adversary-in-the-middle attacks using a previously undocumented network implant that we have named EdgeStepper, which redirects all DNS ...