The National Institute of Standards and Technology (NIST) has proposed ending some password requirements. The changes include barring periodic password changes, not requiring the use of specific characters, and stopping the use of security questions. All organisations interacting with the federal government are required to comply with the Digital Identity Guidelines. Critics have argued against password rules that do more harm than good for a while now. NIST is accepting inputs on the guidelines till 7 October.

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers
Cybersecurity researchers have revealed details about Outlaw, an “auto-propagating” cryptocurrency mining botnet that targets SSH servers with weak credentials. The Romanian-origin malware performs SSH brute-force