techtimes

GitHub's RSA SSH Private Key Leaks! Was It a Breach?

GitHub's RSA SSH private key was accidentally leaked to the public, as confirmed by the code hosting platform's CEO, Mike Hanley. An engineer from the Israeli company "Commun.it" uses his expertise in ...
Ars Technica

Serious bug causes “quite a few” HTTPS sites to reveal their private keys

According to a security researcher for Linux distributer Red Hat, network hardware sold by several manufacturers failed to properly implement a widely used cryptographic standard, a data-leaking ...
Ars Technica

In a first, cryptographic keys protecting SSH connections stolen in new attack

For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally ...
Hackaday

Bad RSA Library Leaves Millions Of Keys Vulnerable

A vulnerability has been found in a software library responsible for generating RSA key pairs used in hardware chips manufactured by Infineon Technologies AG. The vulnerability, dubbed ROCA, allows ...
Threat Post

Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible

A flawed Infineon Technology chipset left HP, Lenovo and Microsoft devices open to what is called a ‘practical factorization attack,’ in which an attacker computes the private part of an RSA key. A ...
Threat Post

TLS Implementations Vulnerable to RSA Key Leaks

A number of TLS software implementations contain vulnerabilities that allow hackers with minimal computational expense to learn RSA keys. A number of TLS software implementations contain ...
Bleeping Computer

Cisco fixes bug allowing RSA private key theft on ASA, FTD devices

Cisco has addressed a high severity vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Tracked as CVE-2022-20866, this security flaw is due to a ...