Security News > 2024 > January > Nearly 11 million SSH servers vulnerable to new Terrapin attacks
Almost 11 million internet-exposed SSH servers are vulnerable to the Terrapin attack that threatens the integrity of some SSH connections.
The Terrapin attack targets the SSH protocol, affecting both clients and servers, and was developed by academic researchers from Ruhr University Bochum in Germany.
A recent report by security threat monitoring platform Shadowserver warns that there are nearly 11 million SSH servers on the public web - identified by unique IP addresses, that are vulnerable to Terrapin attacks.
The significance of Shadowserver's report lies in highlighting that Terrapin attacks can have a widespread impact.
While not all 11 million instances are at immediate risk of being attacked, it shows that adversaries have a large pool to choose from.
Terrapin attacks can downgrade security of OpenSSH connections.
News URL
Related news
- Crafting Shields: Defending Minecraft Servers Against DDoS Attacks (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks (source)
- New HTTP/2 DoS attack can crash web servers with a single connection (source)
- Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack (source)
- Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services (source)