all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New SSH Vulnerability

Add to bookmarks
Nov. 15, 2023, 5:51 p.m. | Bruce Schneier

Security Boulevard securityboulevard.com

This is interesting:



For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established.


[…]


The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection. It affects only keys using the RSA cryptographic algorithm, which the researchers found …

academic papers compromise computational computer cryptographic cryptography data errors keys large protect researchers server signature signatures ssh traffic vulnerabilities vulnerability vulnerable

Visit resource

More from securityboulevard.com / Security Boulevard

Airsoft Data Breach Exposes Data of 75,000 Players an hour ago | securityboulevard.com
airsoft attack surface authentication breach +31
Palo Alto Networks Extends SASE Reach to Unmanaged Devices 5 hours ago | securityboulevard.com
alto devices devops devsecops +20
USENIX Security ’23 – Cryptographic Deniability: A Multi-perspective Study of User Perceptions and Expectations 6 hours ago | securityboulevard.com
access authors channel conference +17
The impact of automating open source dependency management 6 hours ago | securityboulevard.com
automation business consuming customer +14
Unlocking SMB Cybersecurity: The Rise of Virtual CISOs in 2024 and Beyond 6 hours ago | securityboulevard.com
align beyond business businesses +20
Navigating Container Security with AttackIQ’s Optimization Solutions 6 hours ago | securityboulevard.com
attackiq businesses challenge cloud security +19
CEO Discusses MDR Service With a Risk-Based Approach 7 hours ago | securityboulevard.com
aids apps artificial artificial intelligence +29
GitLab ‘Perfect 10’ Bug Gets a CISA Warning: PATCH NOW 7 hours ago | securityboulevard.com
agency analytics & intelligence api security bug +70
Our New “Days of Rage” Protest Activity and Considerations for Corporate Security 8 hours ago | securityboulevard.com
article attack college corporate +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs