runZero published new research on Secure Shell (SSH) exposures and unveiled a corresponding open-source tool, SSHamble. This tool helps security teams validate SSH implementations by testing for uncommon but dangerous misconfigurations and software bugs. Discovered weaknesses During their presentation at Black Hat USA 2024, HD Moore and Rob King shared that the research was prompted by the xz-utils backdoor incident and their investigation into “Jia Tan,” the persona used by likely nation-state actors to plant … More

The post SSHamble: Open-source security testing of SSH services appeared first on Help Net Security.