#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

SSH Server | Breaking Cybersecurity News | The Hacker News

Category — SSH Server
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

Jan 01, 2024 Encryption / Network Security
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell ( SSH ) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called  Terrapin  ( CVE-2023-48795 , CVSS score: 5.9), the exploit has been described as the "first ever practically exploitable prefix truncation attack." "By carefully adjusting the sequence numbers during the handshake, an attacker can remove an arbitrary amount of messages sent by the client or server at the beginning of the secure channel without the client or server noticing it," researchers Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk  said . SSH is a  method  for securely sending commands to a computer over an unsecured network. It relies on cryptography to authenticate and encrypt connections between devices. This is accomplished by means of a handshake in which a client and server agree up...
Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Dec 27, 2023 Malware / Server Security
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks. "Threat actors can also choose to install only scanners and sell the breached IP and account credentials on the dark web," the AhnLab Security Emergency Response Center (ASEC)  said  in a report on Tuesday. In these attacks, adversaries try to guess a server's SSH credentials by running through a list of commonly used combinations of usernames and passwords, a technique called dictionary attack. Should the brute-force attempt be successful, it's followed by the threat actor deploying other malware, including scanners, to scan for other susceptible systems on the internet. Specifically, the scanner is designed to look for systems where port 22 -- which is associated with the SSH ...
Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Dec 05, 2024Attack Surface / Exposure Management
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...
Expert Insights / Articles Videos
Cybersecurity Resources