Security News > 2024 > January > Nearly 11 million SSH servers vulnerable to new Terrapin attacks
Almost 11 million internet-exposed SSH servers are vulnerable to the Terrapin attack that threatens the integrity of some SSH connections.
The Terrapin attack targets the SSH protocol, affecting both clients and servers, and was developed by academic researchers from Ruhr University Bochum in Germany.
A recent report by security threat monitoring platform Shadowserver warns that there are nearly 11 million SSH servers on the public web - identified by unique IP addresses, that are vulnerable to Terrapin attacks.
The significance of Shadowserver's report lies in highlighting that Terrapin attacks can have a widespread impact.
While not all 11 million instances are at immediate risk of being attacked, it shows that adversaries have a large pool to choose from.
Terrapin attacks can downgrade security of OpenSSH connections.
News URL
Related news
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)