From Help Net Security:
Weak SSH keys opened many GitHub repositories to compromise
Github repositories of many entities, projects, and even one government could have been compromised and used to deliver malicious code due to the owners' use of easily crackable SSH keys.
"A little known feature of GitHub is the ability to look at the public SSH keys that other users have set to be authorised on their account," software developer Ben Cartwright-Cox explains in a recent blog post detailing this finding.
No comments:
Post a Comment