all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical Crypto Bug Fixed in PuTTY

Add to bookmarks
April 16, 2024, 7:15 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Many versions of the PuTTY client have a subtle vulnerability that can allow an attacker to compromise some private keys and then forge signatures and log into any remote servers on which those keys are used.


The bug affects versions 0.68-0.80 of PuTTY, a popular client used for SSH, Telnet, and other remote communication protocols, and derives from the fact that when using a specific NIST elliptic curve, the client produces biased ECDSA nonces. The weakness only applies to 521-bit …

attacker bug can client communication compromise critical crypto forge keys log popular private private keys putty servers signatures ssh telnet vulnerability

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Latin America Under Threat: The Venom RAT Campaign’s Cyber Invasion Initiative 27 minutes ago | malware.news
action actor america campaign +13
Managed Detection and Response in 2023 an hour ago | malware.news
analysis and response center collecting +26
Dynamic Link Dazzle: Unveiling the Dark Side of DLLs an hour ago | malware.news
application apt apt groups chinese +20
KapeKa Backdoor: Russian Threat Actor Group’s Recent Attacks 2 hours ago | malware.news
actor attacks backdoor cyber +16
Why space exploration is important for Earth and its future: Q&A with David Eicher 2 hours ago | malware.news
amp article benefits beyond +18
ISC Stormcast For Tuesday, April 30th, 2024 https://isc.sans.edu/podcastdetail/8960, (Tue, Apr 30th) 7 hours ago | malware.news
topic
Report on the First Scientific Experiment to Test the Impact of Generative AI on Complex, … 7 hours ago | malware.news
boston business consultants consulting +16
2023 Activities Summary of SectorD groups (KOR) 7 hours ago | malware.news
Relaying Kerberos Authentication from DCOM OXID Resolving 9 hours ago | malware.news
access active directory adcs administrator +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote
View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote
View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote
View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com
View more jobs