all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

TERRAPIN and SSH Prefix Truncation Attack

Add to bookmarks
Dec. 31, 2023, 11:33 p.m. | Bob Gezelte

The RISKS Digest catless.ncl.ac.uk 

ArsTechnica reported that Terrapin, a man-in-the-middle attack against the
widely used SSH protocol, is feasible in combination with widely used
"ChaCha20-Poly1305" or "CBC with Encrypt-then-MAC" encryption modes.

https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/

attack cbc chacha20 encrypt encryption mac man-in-the-middle protocol ssh ssh protocol terrapin

Visit resource

More from catless.ncl.ac.uk / The RISKS Digest

iPhone Apps Secretly Harvest Data When They Send Notifications 4 months ago | catless.ncl.ac.uk
acm app app development apple +20
Authorities investigating massive security breach at Global Affairs Canada 4 months ago | catless.ncl.ac.uk
breach canada canadian cbc +19
Bugs in our pockets: the risks of client-side scanning 4 months ago | catless.ncl.ac.uk
bugs businesses client client-side +20
Tesla Hacked at Pwn2Own Automotive 2024 4 months ago | catless.ncl.ac.uk
automotive awards bleepingcomputer bug +21
The Great Freight-Train Heists of the 21st Century 4 months ago | catless.ncl.ac.uk
access amazon breaking can +13
Offshore Wind Farms Vulnerable to Cyberattacks 4 months ago | catless.ncl.ac.uk
acm blackouts canada concordia +21
EFI IPv6/PXE Security Flaw 4 months, 1 week ago | catless.ncl.ac.uk
code console critical enable +19
Imaging privacy threats from an ambient light sensor 4 months, 1 week ago | catless.ncl.ac.uk
Re: CLEAR wants to scan your face at airports. Privacy experts are worried. 4 months, 1 week ago | catless.ncl.ac.uk
airports case clear down +11

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com