all InfoSec news
TERRAPIN and SSH Prefix Truncation Attack
Dec. 31, 2023, 11:33 p.m. | Bob Gezelte
The RISKS Digest catless.ncl.ac.uk
ArsTechnica reported that Terrapin, a man-in-the-middle attack against the
widely used SSH protocol, is feasible in combination with widely used
"ChaCha20-Poly1305" or "CBC with Encrypt-then-MAC" encryption modes.
https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
attack cbc chacha20 encrypt encryption mac man-in-the-middle protocol ssh ssh protocol terrapin
More from catless.ncl.ac.uk / The RISKS Digest
iPhone Apps Secretly Harvest Data When They Send Notifications
2 months, 3 weeks ago |
catless.ncl.ac.uk
Authorities investigating massive security breach at Global Affairs Canada
2 months, 3 weeks ago |
catless.ncl.ac.uk
Bugs in our pockets: the risks of client-side scanning
2 months, 3 weeks ago |
catless.ncl.ac.uk
Tesla Hacked at Pwn2Own Automotive 2024
2 months, 3 weeks ago |
catless.ncl.ac.uk
The Great Freight-Train Heists of the 21st Century
2 months, 3 weeks ago |
catless.ncl.ac.uk
Offshore Wind Farms Vulnerable to Cyberattacks
2 months, 3 weeks ago |
catless.ncl.ac.uk
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cybersecurity Engineer
@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
Invoice Compliance Reviewer
@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
Technical Program Manager II - Compliance
@ Microsoft | Redmond, Washington, United States
Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence
@ Moonshot | Washington, District of Columbia, United States
Customer Engineer, Security, Public Sector
@ Google | Virginia, USA; Illinois, USA