ITmedia

SSHクライアント「PuTTY」に重大な脆弱性 秘密鍵を窃取できる可能性 ...

この記事は会員限定です。会員登録すると全てご覧いただけます。 PuTTYチームは2024年4月15日(現地時間)、「Windows」向けSSHクライアントである「PuTTY」に重大な脆弱(ぜいじゃく)性「CVE-2024-31497」が存在すると伝えた。これを悪用された場合、署名付き ...
Excite エキサイト

PuTTY SSH クライアントの ECDSA 署名処理の実装に脆弱性

独立行政法人情報処理推進機構(IPA)および一般社団法人JPCERT コーディネーションセンター(JPCERT/CC)は4月18日、PuTTY SSH ...
Bleeping Computer

Citrix warns admins to manually mitigate PuTTY SSH client bug

Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key. XenCenter helps manage Citrix ...
ZDNet

Trojanized version of PuTTY client discovered online

A version of the open-source PuTTY client has been discovered online which includes an information-stealing Trojan. According to Symantec researchers, an unofficial version of the open-source Secure ...
TechRadar

Security flaw in top SSH client could let hackers recover cryptographic private keys

Multiple versions of the PuTTY SSH client were found to be vulnerable to a high-severity flaw which allowed, in certain scenarios, threat actors to exfiltrate private keys used to generate ...
Infosecurity-magazine.com

New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems

Hackers associated with North Korea are using trojanized versions of the PuTTY SSH open-source terminal emulator to install backdoors on victims' devices. Discovered by Mandiant, the threat actor ...