All versions of Openssh share a critical vulnerability, including embedded code that will never be updated

Every version of the popular Openssh program -- a critical, widely used tool for secure communications -- share a critical vulnerability that was present in the program's initial 1999 release. Read the rest

A common satellite comms package for ships and oil rigs has a backdoor that won't be patched

An audit of Inmarsat's AmosConnect 8 (originally sold by Stratos Global, now an Inmarsat division) reveals that the ship-to-satellite internet product has a deliberate hidden backdoor -- and an accidental SQL code-injection vulnerability -- that allows anyone in the world to take over all, interrupt, and/or spy on the internet access on many of the world's largest ships and oil rigs. Read the rest