Security News

SSH shaken, not stirred by Terrapin vulnerability
2023-12-20 08:34

This isn't one to panic over, because someone will need to man-in-the-middle your vulnerable connection rather than directly attack your server; it's primarily a downgrade attack rather than a decryption or command injection issue; and there are ways to immediately protect yourself from Terrapin attacks. There are three issues to be aware of: CVE-2023-48795, which is the generic exploitable protocol-level SSH vulnerability; and CVE-2023-46445 and CVE-2023-46446, which are specific to the Python SSH client AsyncSSH, which has an estimated 60,000 daily downloads.

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)
2023-12-19 10:11

Security researchers have discovered a vulnerability in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection's security by truncating the extension negotiation message. Terrapin is a prefix truncation attack targeting the SSH protocol.

Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections
2023-11-27 13:18

A new study has demonstrated that it's possible for passive network attackers to obtain private RSA host keys from a vulnerable SSH server by observing when naturally occurring computational...

Researchers extract RSA keys from SSH server signing errors
2023-11-19 15:01

A team of academic researchers from universities in California and Massachusetts demonstrated that it's possible under certain conditions for passive network attackers to retrieve secret RSA keys from naturally occurring errors leading to failed SSH connection attempts. A paper published by university researchers Keegan Ryan, Kaiwen He, Nadia Heninger, and George Arnold Sullivan, shows that it's possible for a passive network attacker to obtain a private RSA key from SSH servers experiencing faults during signature computation.

New SSH Vulnerability
2023-11-15 17:51

For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established. The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection.

Passive SSH server private key compromise is real ... for some vulnerable gear
2023-11-14 02:38

OpenSSL, LibreSSL, OpenSSH users, don't worry – you can sit this one out. An academic study has shown how it's possible for someone to snoop on certain devices' SSH connections and, with a bit of...

E-Root admin faces 20 years for selling stolen RDP, SSH accounts
2023-10-19 22:42

Sandu Diaconu, the operator of the E-Root marketplace, has been extradited to the U.S. to face a maximum imprisonment penalty of 20 years for selling access to compromised computers. Last month, Diaconu consented to be extradited to the United States for wire fraud, money laundering, computer fraud, and access device fraud.

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
2023-10-12 11:27

The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall...

How to Mount Remote Directories with SSH (+Video Tutorial)
2023-10-11 10:05

Learn how to easily mount remote directories with the help of a more secure SSH tool. Do you have remote directories you need to mount on your local desktop so you can work on code, configurations, documentation or just about any kind of file? If those remote files are on a server and you don't want to share them via the less secure Samba, Secure Shell has you covered.

SSH keys stolen by stream of malicious PyPI and npm packages
2023-09-27 21:48

A stream of malicious npm and PyPI packages has been found stealing a wide range of sensitive data from software developers on the platforms. The campaign started on September 12, 2023, and was first discovered by Sonatype, whose analysts unearthed 14 malicious packages on npm.