all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Passive SSH server private key compromise is real ... for some vulnerable gear

Add to bookmarks
Nov. 14, 2023, 2:38 a.m. | Jessica Lyons Hardcastle

The Register - Security www.theregister.com

OpenSSL, LibreSSL, OpenSSH users, don't worry – you can sit this one out

An academic study has shown how it's possible for someone to snoop on certain devices' SSH connections and, with a bit of luck, impersonate that equipment after silently figuring out the hosts' private RSA keys.…

academic compromise connections devices don equipment gear key openssh openssl passive private private key real rsa server snoop ssh study vulnerable

Visit resource

More from www.theregister.com / The Register - Security

Kaspersky accused of helping Russia develop military drone systems an hour ago | www.theregister.com
design drone drones good +12
It may take decade to shore up software supply chain security, says infosec CEO 5 hours ago | www.theregister.com
ceo cybersecurity cybersecurity news endor labs +14
Europol op shutters 12 scam call centers and cuffs 21 suspected fraudsters 17 hours ago | www.theregister.com
action arrested art call +15
Indonesia sneakily buys spyware, claims Amnesty International 18 hours ago | www.theregister.com
amnesty amnesty international claims equipment +14
Chinese government website security is often worryingly bad, say Chinese researchers 20 hours ago | www.theregister.com
attacks bad chinese chinese government +17
Microsoft, Google do a victory lap around passkeys 23 hours ago | www.theregister.com
accounts apps commercial device +12
Florida man gets 6 years behind bars for flogging fake Cisco kit to US military 1 day, 1 hour ago | www.theregister.com
air air force busted cisco +14
Patch up – 4 critical bugs in ArubaOS lead to remote code execution 1 day, 2 hours ago | www.theregister.com
arubaos bugs bundle code +10
Federal frenzy to patch gaping GitLab account takeover hole 1 day, 8 hours ago | www.theregister.com
account account takeover agency cisa +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs