Millions still haven’t patched Terrapin SSH protocol vulnerability

Source

Enlarge (credit: Getty Images) Roughly 11 million Internet-exposed servers remain susceptible to a recently discovered vulnerability that allows attackers with a foothold inside affected networks. Once they're in, attackers compromise the integrity of SSH sessions that form the lynchpin for admins to securely connect to computers inside the cloud and other sensitive environments. Terrapin, as the vulnerability has been named, came to light two weeks ago in a research paper published by academic researchers. Tracked as CVE-2023-48795, the attack the researchers devised works when attackers have an adversary-in-the-middle attack (also abbreviated as AitM and known as man-in-the-middle or MitM), such [...]