VMTech
VMTECH · INSTAGRAM

Operation Highland: Backdoor in PAM and OpenSSH Hidden for Nearly a Decade

Colleagues, a cybersecurity alert: Sygnia researchers found that a China-aligned group implanted backdoors in PAM and OpenSSH and had remained undetected since 2016.

- Modified trusted login modules: secret passwords, credential and command logging; nine distinct versions identified.
- Access via internet-facing systems and a bridge into isolated networks; apparently no exploits were required.
- Standard responses—password resets, session termination—are ineffective if authentication software is compromised.

Why this matters: monitor the integrity of authentication components and verify them against golden copies before rotating credentials.
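A minimal sketch of the golden-copy check described above, added here as an illustration and not taken from Sygnia or VMTech: it fingerprints the files under the PAM module and sshd directories and reports modified, missing and unexpected files. The directory names, function names and sample file contents are constructed assumptions.

```python
import hashlib
import os
import tempfile

# Assumed directories, relative to a filesystem root; PAM module paths vary by distribution.
WATCHED = ["lib/security", "usr/sbin"]

def fingerprint(path):
    """SHA-256 of a file's content; symlinks to files are recorded by target, not followed."""
    if os.path.islink(path):
        return "symlink:" + os.readlink(path)
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def build_manifest(root, rel_dirs=WATCHED):
    """Return {path relative to root: fingerprint} for every file under rel_dirs."""
    manifest = {}
    for rel_dir in rel_dirs:
        for dirpath, _, names in os.walk(os.path.join(root, rel_dir)):
            for name in names:
                full = os.path.join(dirpath, name)
                manifest[os.path.relpath(full, root)] = fingerprint(full)
    return manifest

def compare(golden, live):
    """Classify drift: changed content, files gone, and files the golden copy never had."""
    return {
        "modified": sorted(p for p in golden if p in live and golden[p] != live[p]),
        "missing": sorted(p for p in golden if p not in live),
        "unexpected": sorted(p for p in live if p not in golden),
    }

def demo():
    """Constructed sample trees standing in for a golden image and a suspect host."""
    golden = {"lib/security/pam_unix.so": b"pam-v1", "usr/sbin/sshd": b"sshd-v1"}
    live = {**golden, "lib/security/pam_unix.so": b"pam-v1-patched", "lib/security/pam_extra.so": b"extra"}
    with tempfile.TemporaryDirectory() as tmp:
        for root, files in (("golden", golden), ("live", live)):
            for rel, data in files.items():
                path = os.path.join(tmp, root, rel)
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "wb") as f:
                    f.write(data)
        return compare(build_manifest(os.path.join(tmp, "golden")),
                       build_manifest(os.path.join(tmp, "live")))

if __name__ == "__main__":
    print(demo())
```

Build the golden manifest from a known-good image or package source and run the comparison from trusted media against the mounted disk, since hashing tools on a host whose authentication software is compromised cannot be assumed honest.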

What practices do you use to monitor PAM/OpenSSH?

#cybersecurity #Linux #infrastructure #PAM
