SiliconANGLE

SSH communications threatened by emerging ‘Terrapin Attack’ method

Researchers have published details about a new attack method that exploits a vulnerability in the Secure Socket Shell or SSH networking protocol that raises concerns about the security of data ...
Bleeping Computer

Terrapin attacks can downgrade security of OpenSSH connections

Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to break the SSH channel integrity when certain widely-used encryption modes ...
Ars Technica

Hackers can break SSH channel integrity using novel data-corruption attack

Regardless of its fate, SSH has a place in my hall of fame as a foundational security protocol. Sure, other protocols existed at the time. But SSH was ubiquitous and changed everything. Before SSH ...
Bleeping Computer

New proxyjacking attacks monetize hacked SSH servers’ bandwidth

Attackers behind an ongoing series of proxyjacking attacks are hacking into vulnerable SSH servers exposed online to monetize them through proxyware services that pay for sharing unused Internet ...
Ars Technica

Defending against SSH brute force attacks

We're seeing a lot of SSH brute-force attempts against our remote systems recently. These are 10.3 with the firewall on; we use SSH for remote admin. Turning it off is an option, but a last-resort one ...
CRN

US-CERT Confirms Attacks Using Stolen SSH Keys

According to US-CERT, phalanx2 bears certain similarities to an older rootkit called "phalanx," and is set up to steal SSH keys and send them to attackers, who then turn around and use them to break ...