Originally Posted by whmcsguru
Oh lovely... Keep your stuff up to date, people!
This can't be emphasised strongly enough. It's definitely a good idea to configure automatic updates if possible, for example using Unattended Upgrades (Debian/Ubuntu). If you're concerned about an update potentially breaking an existing solution, exceptions can be added for some packages. Automatic updates can greatly reduce the amount of time that your system is left exposed to newly emerging vulnerabilities.
This particular example shows the importance of hardening the security of your SSH server with tools such as fail2ban that can reduce the risk of brute force/password guessing attacks. If password authentication is in use, there's certainly no alternative for a secure password though.
To reduce the risk of fully automated intrusion even further, it's a great idea to use an uncommon non-root username and move the SSH server to a non-default port. Port knocking can also be used to increase the complexity required to successfully port scan for the SSH server. The majority of SSH botnets/worms will only target SSH servers on port 22.