runZero Minutes, the SSHamble Edition

What happens in Vegas doesn’t always stay there — especially when it’s great news. Fresh from Hacker Summer Camp, we’re excited to share our latest research and a new open source tool with you.

runZero Research recently unearthed a wide array of vulnerabilities in SSH. These issues have evaded detection for years, largely due to a lack of tooling available to exercise the layers of the SSH protocol. That’s where SSHamble comes in. It's a new tool designed to simulate potential attack scenarios and help you uncover risks in your SSH implementations.

Want to see SSHamble in action and hear more about our new research? Join us for the next runZero Hour, where we'll be talking all things SSH.

We hope to see you virtually!
The runZero Team
Tune in next Wednesday for all things SSH and the virtual edition of our DEF CON talk.

Don't miss runZero Hour Episode 9! We'll be breaking down our new research and unpacking our new open source tool.  

  • Hear how our hunt for Jia Tan unexpectedly uncovered new SSH vulnerabilities and novel attacks
  • See the dynamics behind these attacks and exposures you should be on the lookout for in your environment
  • Learn how our new open source tool, SSHamble, can help you improve your SSH security and expand on our research
 
 
 

Meet our new open source tool: SSHamble 

SSHamble simulates potential attack scenarios, including unauthorized remote access due to unexpected state transitions, remote command execution in post-session login implementations, and information leakage through unlimited high-speed authentication requests.

The SSHamble interactive shell provides raw access to SSH requests in the post-session (but pre-execution) environment, allowing for simple testing of environment controls, signal processing, port forwarding, and more.

Ready to dive in?

 
 
 
[Video]
Into the Security CAASM with runZero: Dark Reading News Desk at Black Hat

The Register: Devices with insecure SSH services are everywhere, say infosec duo

Tune in today for best practices on safeguarding OT/ICS assets! 

Experts from the U.S. Department of Energy's National Renewable Energy Laboratory (NREL) are joining us today to explore:

  • Challenges in securing critical infrastructure and operational technology
  • Recommendations for performing asset identification, attack surface enumeration, and configuration management in OT/ICS environments
  • The evolution of OT/ICS security
  • Helpful resources for improving OT/ICS security

We'll also chat about NREL's recent evaluation of the runZero Platform... spoiler alert: runZero identified all IP-addressable assets and confirmed that active scanning can be safely used in OT/ICS environments with no impact on system performance!

Can't make it live? Register and we'll send you the link to watch on-demand.

 
 
 

Our research team has been busy publishing a slew of blogs! Perfect for your summer reading list.

[August 2024]
Cyber asset management in the era of segmentation decay

[August 2024]
Unusual Assets: The Riskiest Factor in Attack Surface Management

 
 
 

Did you know runZero can help you respond to remotely-discoverable zero-day threats without security probes or a rescan? It’s true!

Check out our Rapid Responses for tips from the runZero Research team and pre-built queries that can help you identify potential exposures in your environment — and that includes free trial users!


[Updated August 2024]
 How to find Siemens devices on your network
[Updated August 2024]
How to find IPv6-exposed Microsoft Windows systems on your network

[Updated August 2024]
How to find OpenSSH systems on your network