cybersecurity

3109 readers

19 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 1 year ago

MODERATORS

[email protected]

"In a first, cryptographic keys protecting SSH connections stolen in new attack" (arstechnica.com)

submitted 9 months ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

I read most of this article trying to determine if I was impacted, so to save you the trouble:

The researchers traced the keys they compromised to devices that used custom, closed-source SSH implementations that didn’t implement the countermeasures found in OpenSSH and other widely used open source code libraries.

top 3 comments

sorted by: hot top controversial new old

[–] [email protected] 9 points 9 months ago

You da real mvp

[–] [email protected] 7 points 9 months ago* (last edited 9 months ago)

tldr 1 in a million RSA keys are vulnerable

[–] [email protected] 1 points 9 months ago

I migrated most of my keys to ed25519 a while ago, I probably should keep going