Hello, welcome to the Thursday, November 2, 2017 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich and the damn recording from Frankfurt, Germany.

In a diary today, Rob is giving us line-by-line advice in how to configure SSH properly on Cisco iOS. Now, you all know that you probably

do want to disable as age version 1 and the like, but in his guidance, he actually

implements guidance given by NIST as to how to properly configure SSH key strengths and the like.

So this really goes a little bit more in depth.

And if you're using Cisco equipment, you may want to take a look because really all you

have to do is more or less copy and paste what Rob offers here.

Now, probably changing your default credentials is a good start to secure SH, and sadly,

people still haven't learned that lesson.

And some users of Ethereum's mining equipment running the ETHOS operating system, learn that the hard way by having their mining equipment

hijacked. Apparently, someone is scanning the internet for systems running this operating

system and then logging in using default credentials and then changing the wallet address to mine for the attacker's wallet.

Luckily so far, the profit made in this particular endeavor isn't all that great.

About $600 is what Bit Defender is reporting in their write-up of this incident. But of course, it's very

possible that there are other scans out there for other wallets that haven't been discovered

by Bit Defender's research. Now, Kaspersky is reporting about another very simple trick

in order to steal cryptocurrencies.

They call it crypto-shoveler and what it does is it's malware that sits on the victim's computer watching the clipboard.

Whenever it does see something on the clipboard that looks like a cryptocurrency wallet address,

it will replace it with an address owned by the bad guy.

And of course, since crypto coin addresses are usually rather long and complex copy paste is

probably the easiest and safest way, usually if you're not infected

...