Novel Terrapin attack could impact millions of SSH servers

SC Magazine
A novel attack called “Terrapin” has the potential to compromise nearly 11 million SSH servers connected to the internet, accounting for around 52% of all scanned servers in IPv4 and IPv6 environments.
This attack could impact SSH channel integrity in specific encryption modes and deactivate keystroke timing attack defenses in OpenSSH 9.5, as reported by BleepingComputer.
The United States had the highest number of systems vulnerable to the Terrapin attack, followed by China, Germany, Russia, Singapore, and Japan, according to a report from Shadowserver.
Developed by researchers at Ruhr University Bochum, the Terrapin attack requires an adversary-in-the-middle position, from which threat actors intercept and alter the handshake exchanged between SSH clients and servers.
The significant global exposure to such an attack indicates a potentially widespread impact of compromise.
To mitigate this threat, organizations can use a vulnerability scanner provided by the research team at Ruhr University Bochum to check the security of their SSH clients or servers.
Link: https://www.scmagazine.com/brief/novel-terrapin-attack-could-impact-millions-of-ssh-servers