PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)

16 April 2024

A vulnerability (CVE-2024-31497) in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys due to the “heavily biased” ECDSA nonces (random values used once), researchers have discovered. “To be more precise, the first 9 bits of each ECDSA nonce are zero.

Source: Help Net Security

Date:

16 April 2024

Categorie(s):

NEWS

Tag(s):

IT, News

What to know about AI at this year’s RSA Conference29 April 2024
Atos: French State Offers Non-Binding Intent to Acquire Cybersecurity and Computing Assets29 April 2024
Stop Managing Identities, Segment them Instead29 April 2024
Elastic VP Chris Townsend Says Data Transformation Critical to Improved Government Services29 April 2024
Study Reveals Alarming Levels of USPS Phishing Traffic29 April 2024