all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

Add to bookmarks
Jan. 1, 2024, 9:37 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel.
Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the "first ever practically exploitable prefix

attacker attackers breaking called channel cryptographic cve cve-2023-48795 cvss cvss score exploit flaw integrity network protocol protocol security researchers ruhr university bochum score security security researchers shell ssh ssh protocol terrapin university vulnerability

Visit resource

More from thehackernews.com / The Hacker News

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator 5 hours ago | thehackernews.com
addition administrator agency crime +17
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data 8 hours ago | thehackernews.com
academia access activists apt42 +32
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion 8 hours ago | thehackernews.com
attack back china china-linked hackers +16
New Case Study: The Malicious Comment 10 hours ago | thehackernews.com
case code comments discover +12
Google Simplifies 2-Factor Authentication Setup (It's More Important Than Ever) 11 hours ago | thehackernews.com
2fa 2-step verification 2sv accounts +18
Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering 12 hours ago | thehackernews.com
alexander vinnik august btc btc-e +19
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution 1 day, 7 hours ago | thehackernews.com
cisco code code execution critical +21
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices 1 day, 7 hours ago | thehackernews.com
arcanedoor attack attack surface attack surface management +23
It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs 1 day, 10 hours ago | thehackernews.com
business cyberattacks cybercriminals financial +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Incident Response Lead

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

GRC Analyst

@ Chubb | Malaysia
View on infosec-jobs.com

Information Security Manager

@ Walbec Group | Waukesha, WI, United States
View on infosec-jobs.com

Senior Executive / Manager, Security Ops (TSSQ)

@ SMRT Corporation Ltd | Singapore, SG
View on infosec-jobs.com

Senior Engineer, Cybersecurity

@ Sonova Group | Valencia (CA), United States
View on infosec-jobs.com

Consultant (Multiple Positions Available)

@ Atos | Plano, TX, US, 75093
View on infosec-jobs.com
View more jobs